urlscan.io logo urlscan.io
SecurityTrails logo

forward.com Open in urlscan Pro
141.193.213.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Submission: On December 24 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 152 IPs in 16 countries across 131 domains to perform 2976 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is forward.com. The Cisco Umbrella rank of the primary domain is 260566.
TLS certificate: Issued by R3 on November 11th 2022. Valid for: 3 months.
This is the only time forward.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
55 141.193.213.21 209242 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:230... 16509 (AMAZON-02)
1 2a04:4e42:800... 54113 (FASTLY)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2620:1ec:4f:1... 8075 (MICROSOFT...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a04:4e42:600... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 52.184.204.244 8075 (MICROSOFT...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
49 2a00:1450:400... 15169 (GOOGLE)
3 34.199.154.34 14618 (AMAZON-AES)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 13.225.78.66 16509 (AMAZON-02)
9 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 52.28.92.0 16509 (AMAZON-02)
4 44.198.4.174 14618 (AMAZON-AES)
30 159.89.246.130 14061 (DIGITALOC...)
5 34.240.174.255 16509 (AMAZON-02)
102 2602:803:c003... 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
18 199.10.31.14 36483 (GOSSAMERT...)
1 52.24.69.139 16509 (AMAZON-02)
1 13.32.121.114 16509 (AMAZON-02)
31 2606:4700::68... 13335 (CLOUDFLAR...)
96 13.224.189.40 16509 (AMAZON-02)
41 2a00:1450:400... 15169 (GOOGLE)
90 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
3 147.75.83.64 54825 (PACKET)
11 2a00:1450:400... 15169 (GOOGLE)
90 2606:4700:20:... 13335 (CLOUDFLAR...)
32 2a00:1450:400... 15169 (GOOGLE)
112 185.86.138.16 201081 (SMARTADSE...)
90 185.184.8.90 204995 (RTB-HOUSE...)
13 217 37.252.173.215 29990 (ASN-APPNEX)
90 2a02:2638::24 44788 (ASN-CRITE...)
6 162.55.101.208 24940 (HETZNER-AS)
90 104.18.33.19 13335 (CLOUDFLAR...)
94 185.64.189.112 62713 (AS-PUBMATIC)
31 2a00:1450:400... 15169 (GOOGLE)
46 2.18.233.180 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
30 217.79.188.59 24961 (MYLOC-AS ...)
1 17 217.79.188.46 24961 (MYLOC-AS ...)
40 151.101.65.108 54113 (FASTLY)
108 37.252.171.84 29990 (ASN-APPNEX)
22 107.178.244.119 15169 (GOOGLE)
22 13.225.78.7 16509 (AMAZON-02)
10 104.64.122.89 16625 (AKAMAI-AS)
11 11 85.114.159.93 24961 (MYLOC-AS ...)
10 34.98.67.61 396982 (GOOGLE-CL...)
4 144.76.104.53 24940 (HETZNER-AS)
1 3 185.29.132.242 30419 (MEDIAMATH...)
1 92.123.37.164 16625 (AKAMAI-AS)
10 13.225.78.97 16509 (AMAZON-02)
8 18.156.195.47 16509 (AMAZON-02)
16 165.227.116.104 14061 (DIGITALOC...)
16 72.251.249.14 32475 (SINGLEHOP...)
66 151.101.1.108 54113 (FASTLY)
10 35 54.78.4.225 16509 (AMAZON-02)
7 2600:9000:21f... 16509 (AMAZON-02)
6 6 217.79.188.54 24961 (MYLOC-AS ...)
5 52.209.167.52 16509 (AMAZON-02)
10 13.224.189.45 16509 (AMAZON-02)
3 23.203.124.180 16625 (AKAMAI-AS)
123 205.185.216.10 20446 (STACKPATH...)
1 5 138.201.63.145 24940 (HETZNER-AS)
4 9 51.89.9.254 16276 (OVH)
5 2a02:6ea0:f40... 60068 (CDN77 ^_^)
22 35.71.131.137 16509 (AMAZON-02)
6 6 193.0.160.128 54312 (ROCKETFUEL)
16 85 172.64.154.237 13335 (CLOUDFLAR...)
5 35.186.253.211 15169 (GOOGLE)
5 69.166.1.10 27630 (AS-XFERNET)
14 40 142.250.186.166 15169 (GOOGLE)
40 2a02:2638::3 44788 (ASN-CRITE...)
4 4 147.75.85.234 54825 (PACKET)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 34.95.69.49 396982 (GOOGLE-CL...)
4 11 2a02:2638:1::13 44788 (ASN-CRITE...)
4 2600:1901:0:8... 15169 (GOOGLE)
8 178.250.0.157 44788 (ASN-CRITE...)
6 54.73.211.146 16509 (AMAZON-02)
1 7 185.64.190.78 62713 (AS-PUBMATIC)
19 13.225.78.79 16509 (AMAZON-02)
4 35.244.159.8 15169 (GOOGLE)
1 9 217.79.188.21 24961 (MYLOC-AS ...)
2 13.225.78.59 16509 (AMAZON-02)
16 198.47.127.18 3257 (GTT-BACKB...)
7 128 185.80.39.216 27381 (CASALE-MEDIA)
6 162.55.233.29 24940 (HETZNER-AS)
5 10 54.195.67.129 16509 (AMAZON-02)
5 18 34.240.144.110 16509 (AMAZON-02)
39 2a00:1450:400... 15169 (GOOGLE)
24 13.224.189.110 16509 (AMAZON-02)
10 142.250.186.130 15169 (GOOGLE)
1 2a0b:4d07:401::1 44239 (PROINITY ...)
1 2 23.199.220.85 16625 (AKAMAI-AS)
1 1 85.239.105.10 16097 (HLKOMM 04...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.41.252.217 16509 (AMAZON-02)
1 2 142.250.185.134 15169 (GOOGLE)
76 23.64.52.128 16625 (AKAMAI-AS)
2 2 2001:678:cb4:... 56396 (AMOBEE)
67 172.64.151.162 13335 (CLOUDFLAR...)
3 3.223.100.168 14618 (AMAZON-AES)
37 2600:9000:21f... 16509 (AMAZON-02)
13 13 185.29.134.244 30419 (MEDIAMATH...)
10 20 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 178.250.2.151 44788 (ASN-CRITE...)
2 4 52.95.126.160 16509 (AMAZON-02)
9 9 2620:116:800d... 16509 (AMAZON-02)
3 3 54.81.22.167 14618 (AMAZON-AES)
7 18 54.76.69.248 16509 (AMAZON-02)
22 24 142.251.208.162 15169 (GOOGLE)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.137.131 201081 (SMARTADSE...)
10 10 151.101.66.49 54113 (FASTLY)
9 9 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 213.19.147.45 3356 (LEVEL3)
1 162.55.120.196 24940 (HETZNER-AS)
10 64.95.96.108 32475 (SINGLEHOP...)
1 1 141.95.171.139 16276 (OVH)
1 1 141.94.170.77 16276 (OVH)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
8 9 35.204.158.49 396982 (GOOGLE-CL...)
18 20 37.157.5.141 198622 (ADFORM)
1 28 2a05:d018:d29... 16509 (AMAZON-02)
14 14 3.126.56.137 16509 (AMAZON-02)
4 198.47.127.20 62713 (AS-PUBMATIC)
17 17 35.157.140.187 16509 (AMAZON-02)
1 1 18.159.49.230 16509 (AMAZON-02)
7 8 2a02:fa8:8806... 41041 (VCLK-EU-SE)
8 98.98.134.241 21859 (ZEN-ECN)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
6 6 37.252.171.52 29990 (ASN-APPNEX)
5 5 3.124.207.220 16509 (AMAZON-02)
10 18.169.195.169 16509 (AMAZON-02)
20 2.18.232.99 16625 (AKAMAI-AS)
1 13.224.189.4 16509 (AMAZON-02)
1 13.225.78.124 16509 (AMAZON-02)
8 8 34.111.151.213 396982 (GOOGLE-CL...)
4 213.202.235.9 24961 (MYLOC-AS ...)
1 8 52.46.128.147 16509 (AMAZON-02)
5 5 34.96.71.22 396982 (GOOGLE-CL...)
8 8 34.95.81.168 396982 (GOOGLE-CL...)
4 4 185.183.112.155 60350 (VP)
9 2a05:d018:cc3... 16509 (AMAZON-02)
3 3 52.220.229.2 16509 (AMAZON-02)
4 4 34.248.17.75 16509 (AMAZON-02)
7 7 64.74.236.127 22075 (AS-OUTBRAIN)
5 5 141.226.228.48 200478 (TABOOLA-AS)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
24 24 135.125.160.77 16276 (OVH)
3 4 2.16.106.211 20940 (AKAMAI-ASN1)
2 2 188.34.190.28 24940 (HETZNER-AS)
3 2602:803:c003... 26667 (RUBICONPR...)
2 2 18.158.198.21 16509 (AMAZON-02)
2 4 69.173.144.165 26667 (RUBICONPR...)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 3 35.186.193.173 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
36 2600:1f13:800... 16509 (AMAZON-02)
2 4 52.203.53.149 14618 (AMAZON-AES)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.229 62713 (AS-PUBMATIC)
4 4 141.94.171.216 16276 (OVH)
2 2 18.198.126.47 16509 (AMAZON-02)
1 1 3.69.181.163 16509 (AMAZON-02)
2 2 35.205.207.25 396982 (GOOGLE-CL...)
1 52.207.109.34 14618 (AMAZON-AES)
1 89.185.33.185 8426 (CLARANET-...)
1 54.154.171.181 16509 (AMAZON-02)
2976 152
55    141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
forward.com
4    2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:2304:e600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
5    2606:4700:20::681a:709 (United States)

ASN13335 (CLOUDFLARENET, US)
console.adgrid.io
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3031::6815:3c9f (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
2    2620:1ec:4f:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
3    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
9    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms
2    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.piano.io
c2.piano.io
49    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    34.199.154.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-154-34.compute-1.amazonaws.com
ping.chartbeat.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.225.78.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-66.fra2.r.cloudfront.net
widget.sellwild.com
9    2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tinypass.com
buy.tinypass.com
4    2a02:26f0:11a:398::268b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
5    52.28.92.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    44.198.4.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-4-174.compute-1.amazonaws.com
exchange.postrelease.com
30    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
5    34.240.174.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
ads.servenobid.com
102    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
smarttag.rubiconproject.com
1    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
10    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
18ac39e9d44761ba375f80b3a5165cc4.safeframe.googlesyndication.com
ed261e9d5f80ee9aeb3267a5c8ea321d.safeframe.googlesyndication.com
cc7252416ebc341fc31d3df3ea1fddde.safeframe.googlesyndication.com
5910bc36042e5ea26beb34c4e16d8590.safeframe.googlesyndication.com
3beb1f81fc485bd83fb3615e658cef3b.safeframe.googlesyndication.com
dd03b60b7cea74449bd5679d8ed8afe5.safeframe.googlesyndication.com
5a0b7fa0b7bc097353a0829cd558de54.safeframe.googlesyndication.com
15    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    199.10.31.14 (Edmonton, Canada)

ASN36483 (GOSSAMERTHREADS, CA)
ads.bidstreamserver.com
1    52.24.69.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-69-139.us-west-2.compute.amazonaws.com
a.ad.gt
1    13.32.121.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-114.fra60.r.cloudfront.net
cache.sellwild.com
31    2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
96    13.224.189.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-40.fra2.r.cloudfront.net
flashnetic.com
41    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
90    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
3    147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
11    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
90    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
32    2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
112    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
90    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
217    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
90    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
6    162.55.101.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.101.55.162.clients.your-server.de
shb.richaudience.com
90    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
94    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
31    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
46    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
id.forward.com
30    217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
17    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
40    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
dcdn.adnxs.com
crcdn01.adnxs.com
108    37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
22    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
22    13.225.78.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-7.fra2.r.cloudfront.net
choices.truste.com
10    104.64.122.89 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-122-89.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
11    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
10    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
4    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal9000.redintelligence.net
3    185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
10    13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net
sync.serverbid.com
8    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
16    165.227.116.104 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: prebid2.advertserve.com
prebid.bidstreamserver.com
16    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
66    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
35    54.78.4.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
7    2600:9000:21f3:3c00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
6    217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com
ad13.adfarm1.adition.com
5    52.209.167.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
synchrobox.adswizz.com
10    13.224.189.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-45.fra2.r.cloudfront.net
cdn.adswizz.com
delivery-cdn-cf.adswizz.com
3    23.203.124.180 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-180.deploy.static.akamaitechnologies.com
acdn.adnxs-simple.com
crcdn01.adnxs-simple.com
123    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.flashtalking.com
5    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
9    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
5    2a02:6ea0:f400::4 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
22    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
85    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
40    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
40    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
4    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
11    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
8    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    54.73.211.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
7    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
19    13.225.78.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-79.fra2.r.cloudfront.net
cdn.advanseads.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
9    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
2    13.225.78.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-59.fra2.r.cloudfront.net
tagan.adlightning.com
16    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
128    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
6    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
10    54.195.67.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-67-129.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
18    34.240.144.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
dpm.demdex.net
39    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
24    13.224.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-110.fra2.r.cloudfront.net
choices.trustarc.com
10    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    23.199.220.85 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-220-85.deploy.static.akamaitechnologies.com
www.awin1.com
1    85.239.105.10 (Eilenburg, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
4    2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)
www.parship.de
1    13.41.252.217 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-252-217.eu-west-2.compute.amazonaws.com
track.webgains.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
5994599.fls.doubleclick.net
76    23.64.52.128 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-128.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
eus.rubiconproject.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
67    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    3.223.100.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-100-168.compute-1.amazonaws.com
delivery.advanseads.com
37    2600:9000:21f3:4800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
13    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
20    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    54.81.22.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-22-167.compute-1.amazonaws.com
sync.srv.stackadapt.com
18    54.76.69.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
24    142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net
cm.g.doubleclick.net
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
10    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
10    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.95.171.139 (France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
9    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
20    37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
28    2a05:d018:d29:3605:965e:3ef:16d0:9a4c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
14    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
17    35.157.140.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-140-187.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    18.159.49.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-49-230.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
8    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
8    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
6    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
5    3.124.207.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-207-220.eu-central-1.compute.amazonaws.com
pm.w55c.net
10    18.169.195.169 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
ad-events.flashtalking.com
20    2.18.232.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-99.deploy.static.akamaitechnologies.com
stat.flashtalking.com
1    13.224.189.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-4.fra2.r.cloudfront.net
analytics.webgains.io
1    13.225.78.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-124.fra2.r.cloudfront.net
cdn.track.production.webgains.team
8    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
4    213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
8    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
8    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
4    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
9    2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
3    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
4    34.248.17.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-17-75.eu-west-1.compute.amazonaws.com
r.scoota.co
7    64.74.236.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
11    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
24    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
4    2.16.106.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-106-211.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    188.34.190.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.190.34.188.clients.your-server.de
bidswitch-eu.splicky.com
3    2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
2    18.158.198.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-198-21.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    2606:4700::6810:cb16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
36    2600:1f13:800:7780:e69a:c43c:f0d:9cd8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
4    52.203.53.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-53-149.compute-1.amazonaws.com
a.audrte.com
4    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
4    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
2    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
1    3.69.181.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-163.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
1    52.207.109.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-109-34.compute-1.amazonaws.com
count.advanseads.com
1    89.185.33.185 (Paris, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)
extranet.availpro.com
1    54.154.171.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-171-181.eu-west-1.compute.amazonaws.com
tracker.book-secure.com
Apex Domain
Subdomains		 Transfer
437 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
cdn.adnxs.com — Cisco Umbrella Rank: 1402
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7191
acdn.adnxs.com — Cisco Umbrella Rank: 576
dcdn.adnxs.com — Cisco Umbrella Rank: 10528
secure.adnxs.com — Cisco Umbrella Rank: 414
crcdn01.adnxs.com — Cisco Umbrella Rank: 10816
3 MB
303 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
225 KB
189 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
image8.pubmatic.com — Cisco Umbrella Rank: 594
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
image4.pubmatic.com — Cisco Umbrella Rank: 824
simage4.pubmatic.com — Cisco Umbrella Rank: 1176
aud.pubmatic.com — Cisco Umbrella Rank: 4185
522 KB
189 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
ads.rubiconproject.com — Cisco Umbrella Rank: 2891
eus.rubiconproject.com — Cisco Umbrella Rank: 529
smarttag.rubiconproject.com — Cisco Umbrella Rank: 16023
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10001
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
token.rubiconproject.com — Cisco Umbrella Rank: 563
449 KB
163 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 801
cdn.flashtalking.com — Cisco Umbrella Rank: 1126
ad-events.flashtalking.com — Cisco Umbrella Rank: 2090
stat.flashtalking.com — Cisco Umbrella Rank: 2352
3 MB
128 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
ad.doubleclick.net — Cisco Umbrella Rank: 161
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 97453
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
1 MB
113 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1528
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
61 KB
110 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 713
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
dis.criteo.com — Cisco Umbrella Rank: 658
42 KB
108 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 604
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 543
2 MB
96 flashnetic.com
flashnetic.com — Cisco Umbrella Rank: 47478
324 KB
90 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6196
15 KB
90 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 21490
11 MB
90 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
968 KB
73 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 16866
ad4.adfarm1.adition.com — Cisco Umbrella Rank: 48975
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
ad13.adfarm1.adition.com — Cisco Umbrella Rank: 52475
ad2.adfarm1.adition.com — Cisco Umbrella Rank: 59066
12 MB
70 googlesyndication.com
18ac39e9d44761ba375f80b3a5165cc4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
ed261e9d5f80ee9aeb3267a5c8ea321d.safeframe.googlesyndication.com
cc7252416ebc341fc31d3df3ea1fddde.safeframe.googlesyndication.com
5910bc36042e5ea26beb34c4e16d8590.safeframe.googlesyndication.com
3beb1f81fc485bd83fb3615e658cef3b.safeframe.googlesyndication.com
dd03b60b7cea74449bd5679d8ed8afe5.safeframe.googlesyndication.com
5a0b7fa0b7bc097353a0829cd558de54.safeframe.googlesyndication.com
509 KB
67 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
55 KB
56 forward.com
forward.com — Cisco Umbrella Rank: 260566
id.forward.com — Cisco Umbrella Rank: 767133
3 MB
50 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
19 KB
41 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
1 MB
40 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
1 MB
40 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3751
sync.serverbid.com — Cisco Umbrella Rank: 8287
x.serverbid.com — Cisco Umbrella Rank: 8966
106 KB
40 tinypass.com
cdn.tinypass.com — Cisco Umbrella Rank: 5759
buy.tinypass.com — Cisco Umbrella Rank: 9694
471 KB
39 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
978 KB
34 bidstreamserver.com
ads.bidstreamserver.com — Cisco Umbrella Rank: 38242
prebid.bidstreamserver.com — Cisco Umbrella Rank: 43008
439 KB
25 adswizz.com
synchrobox.adswizz.com — Cisco Umbrella Rank: 6471
cdn.adswizz.com — Cisco Umbrella Rank: 10187
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2866
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 4723
105 KB
24 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 972
10 KB
24 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 729
164 KB
23 advanseads.com
cdn.advanseads.com — Cisco Umbrella Rank: 10918
delivery.advanseads.com — Cisco Umbrella Rank: 11251
count.advanseads.com — Cisco Umbrella Rank: 9346
323 KB
22 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
7 KB
22 truste.com
choices.truste.com — Cisco Umbrella Rank: 722
106 KB
22 sojern.com
beacon.sojern.com — Cisco Umbrella Rank: 5003
1 KB
21 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4762
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
6 KB
20 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
10 KB
18 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
8 KB
18 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 204
16 KB
17 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
5 KB
17 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 3468
pixel.mathtag.com — Cisco Umbrella Rank: 904
sync.mathtag.com — Cisco Umbrella Rank: 434
9 KB
16 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
67 KB
15 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
10 KB
12 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
9 KB
12 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2188
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
casale-match.dotomi.com — Cisco Umbrella Rank: 2693
2 KB
12 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3606
sync.richaudience.com — Cisco Umbrella Rank: 1659
3 KB
12 google.de
www.google.de — Cisco Umbrella Rank: 6041
adservice.google.de — Cisco Umbrella Rank: 8549
2 KB
11 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9760
11 gstatic.com
fonts.gstatic.com
210 KB
10 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
3 KB
10 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
1 KB
10 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 977
1 KB
9 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
2 KB
9 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
4 KB
9 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
2 KB
9 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
3 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1546
u.openx.net — Cisco Umbrella Rank: 653
1 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
524 B
9 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41585
hal900010.redintelligence.net — Cisco Umbrella Rank: 485704
32 KB
8 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 21953
558 B
8 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1494
915 B
8 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
1 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 522
2 KB
7 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1442
5 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5159
p1cluster.cxense.com — Cisco Umbrella Rank: 9008
comcluster.cxense.com — Cisco Umbrella Rank: 6384
id.cxense.com — Cisco Umbrella Rank: 12422
77 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1321
n.clarity.ms — Cisco Umbrella Rank: 9782
20 KB
6 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
2 KB
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 707
4 KB
5 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 929
886 B
5 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2127
776 B
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
4 KB
5 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12965
pixel.onaudience.com — Cisco Umbrella Rank: 3040
2 KB
5 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 816
2 KB
5 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2081
91 KB
5 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1615
4 KB
5 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 4961
776 B
5 adgrid.io
console.adgrid.io — Cisco Umbrella Rank: 53860
3 MB
4 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3765
983 B
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1899
2 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 595
3 KB
4 scoota.co
r.scoota.co — Cisco Umbrella Rank: 30424
2 KB
4 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1368
1 KB
4 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10374
240 B
4 parship.de
www.parship.de — Cisco Umbrella Rank: 265260
15 KB
4 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2050
478 B
4 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1307
30 B
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
656 B
4 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 5767
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
40 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
210 KB
3 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3499
ipac.ctnsnet.com — Cisco Umbrella Rank: 4752
817 B
3 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3084
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
740 B
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
spl.zeotap.com — Cisco Umbrella Rank: 2740
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
1 KB
3 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2538
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3780
173 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1227
601 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1412
mab.chartbeat.com — Cisco Umbrella Rank: 2280
25 KB
2 avads.net
ads.avads.net — Cisco Umbrella Rank: 24023
600 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 26432
2 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3857
1 KB
2 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 24704
438 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
558 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
943 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14058
1 KB
2 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1715
49 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1884
25 KB
2 sellwild.com
widget.sellwild.com — Cisco Umbrella Rank: 58316
cache.sellwild.com — Cisco Umbrella Rank: 72089
982 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
202 B
2 piano.io
experience.piano.io — Cisco Umbrella Rank: 51608
c2.piano.io — Cisco Umbrella Rank: 4117
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
112 KB
1 book-secure.com
tracker.book-secure.com — Cisco Umbrella Rank: 182113
561 B
1 availpro.com
extranet.availpro.com — Cisco Umbrella Rank: 489731
265 KB
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2993
532 B
1 instana.io
eum.instana.io — Cisco Umbrella Rank: 6298
10 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
706 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 50569
438 B
1 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 17733
31 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5650
322 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16075
367 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
277 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
511 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41190
2 KB
1 greatviews.de
trf.greatviews.de — Cisco Umbrella Rank: 276346
1 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 148792
931 B
1 ad.gt
a.ad.gt — Cisco Umbrella Rank: 3631
4 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 8038
3 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1392
417 B
0 rlcdn.com Failed
api.rlcdn.com Failed
2976 131
Domain Requested by
217 ib.adnxs.com 13 redirects hb.adpone.com
ads.bidstreamserver.com
acdn.adnxs.com
128 dsum-sec.casalemedia.com 7 redirects forward.com
ssum-sec.casalemedia.com
123 cdn.flashtalking.com servedby.flashtalking.com
cdn.flashtalking.com
flashnetic.com
112 prg.smartadserver.com hb.adpone.com
ads.bidstreamserver.com
108 fra1-ib.adnxs.com hb.adpone.com
forward.com
acdn.adnxs-simple.com
flashnetic.com
cdn.adnxs.com
tagan.adlightning.com
99 fastlane.rubiconproject.com console.adgrid.io
hb.adpone.com
ads.bidstreamserver.com
96 flashnetic.com forward.com
flashnetic.com
94 hbopenbid.pubmatic.com hb.adpone.com
ads.bidstreamserver.com
90 htlb.casalemedia.com hb.adpone.com
90 bidder.criteo.com hb.adpone.com
90 prebid-eu.creativecdn.com hb.adpone.com
90 hb.adpone.com flashnetic.com
90 cdnjs.cloudflare.com buy.tinypass.com
cdn.flashtalking.com
73 eus.rubiconproject.com hb.adpone.com
eus.rubiconproject.com
forward.com
66 acdn.adnxs.com hb.adpone.com
flashnetic.com
acdn.adnxs-simple.com
tagan.adlightning.com
55 forward.com forward.com
buy.tinypass.com
51 ssum-sec.casalemedia.com 10 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
49 securepubads.g.doubleclick.net console.adgrid.io
securepubads.g.doubleclick.net
forward.com
www.googletagservices.com
flashnetic.com
46 ads.pubmatic.com forward.com
sync.serverbid.com
hb.adpone.com
ads.pubmatic.com
41 www.googletagservices.com securepubads.g.doubleclick.net
forward.com
www.googletagservices.com
ad.doubleclick.net
s0.2mdn.net
40 static.criteo.net hb.adpone.com
static.criteo.net
40 ad.doubleclick.net 14 redirects www.googletagservices.com
flashnetic.com
39 s0.2mdn.net forward.com
flashnetic.com
s0.2mdn.net
ad.doubleclick.net
imagesrv.adition.com
39 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
38 cdn.adnxs.com hb.adpone.com
acdn.adnxs-simple.com
tagan.adlightning.com
37 static.adsafeprotected.com pixel.adsafeprotected.com
flashnetic.com
36 dt.adsafeprotected.com flashnetic.com
36 js-sec.indexww.com hb.adpone.com
35 pixel.adsafeprotected.com 10 redirects hb.adpone.com
cdn.flashtalking.com
flashnetic.com
acdn.adnxs-simple.com
ad2.adfarm1.adition.com
34 dsum.casalemedia.com 6 redirects forward.com
ssum-sec.casalemedia.com
32 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
forward.com
ad.doubleclick.net
31 cdn.indexww.com ssum-sec.casalemedia.com
31 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
ad.doubleclick.net
forward.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
30 imagesrv.adition.com forward.com
flashnetic.com
ad4.adfarm1.adition.com
imagesrv.adition.com
28 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
24 gu.dyntrk.com 24 redirects
24 cm.g.doubleclick.net 22 redirects eus.rubiconproject.com
24 choices.trustarc.com choices.truste.com
flashnetic.com
choices.trustarc.com
22 match.adsrvr.org sync.serverbid.com
ads.pubmatic.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
forward.com
22 choices.truste.com hb.adpone.com
forward.com
ad.doubleclick.net
s0.2mdn.net
22 beacon.sojern.com hb.adpone.com
forward.com
flashnetic.com
20 stat.flashtalking.com flashnetic.com
20 c1.adform.net 18 redirects ads.pubmatic.com
20 x.serverbid.com sync.serverbid.com
ads.pubmatic.com
19 cdn.advanseads.com forward.com
delivery.advanseads.com
18 match.prod.bidr.io 7 redirects ssum-sec.casalemedia.com
18 dpm.demdex.net 5 redirects sync.serverbid.com
ssum-sec.casalemedia.com
18 ads.bidstreamserver.com forward.com
ads.bidstreamserver.com
17 x.bidswitch.net 17 redirects
17 ad4.adfarm1.adition.com 1 redirects forward.com
hb.adpone.com
ad4.adfarm1.adition.com
flashnetic.com
acdn.adnxs-simple.com
16 image8.pubmatic.com forward.com
ads.pubmatic.com
hb.adpone.com
16 ap.lijit.com ads.bidstreamserver.com
sync.serverbid.com
smarttag.rubiconproject.com
ap.lijit.com
16 prebid.bidstreamserver.com ads.bidstreamserver.com
forward.com
15 fonts.googleapis.com widget.sellwild.com
buy.tinypass.com
hal900010.redintelligence.net
cdn.advanseads.com
s0.2mdn.net
14 ups.analytics.yahoo.com 14 redirects
13 simage2.pubmatic.com 6 redirects ads.pubmatic.com
13 sync.mathtag.com 13 redirects
11 ad4m.at ssum-sec.casalemedia.com
11 gum.criteo.com 4 redirects static.criteo.net
11 dsp.adfarm1.adition.com 11 redirects
11 fonts.gstatic.com fonts.googleapis.com
10 ad-events.flashtalking.com flashnetic.com
10 cm.adgrx.com ads.pubmatic.com
ssum-sec.casalemedia.com
10 sync-tm.everesttech.net 10 redirects
10 googleads4.g.doubleclick.net ad.doubleclick.net
forward.com
10 synchroscript.deliveryengine.adswizz.com 5 redirects cdn.adswizz.com
10 sync.serverbid.com console.adgrid.io
sync.serverbid.com
10 odr.mookie1.com flashnetic.com
10 servedby.flashtalking.com forward.com
10 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
10 e.serverbid.com console.adgrid.io
sync.serverbid.com
9 d.adroll.com ssum-sec.casalemedia.com
9 um.simpli.fi 8 redirects ads.pubmatic.com
9 csync.loopme.me 9 redirects
9 cms.quantserve.com 9 redirects
9 ad2.adfarm1.adition.com 1 redirects ad4.adfarm1.adition.com
ad2.adfarm1.adition.com
9 onetag-sys.com 4 redirects sync.serverbid.com
9 adservice.google.de securepubads.g.doubleclick.net
9 www.google.com forward.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 euexchangesync.digitaleast.mobi 8 redirects
8 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
8 dmp.brand-display.com 8 redirects
8 pixel-sync.sitescout.com ads.pubmatic.com
ssum-sec.casalemedia.com
8 mug.criteo.com forward.com
8 c2shb.pubgw.yahoo.com ads.bidstreamserver.com
7 casale-match.dotomi.com 7 redirects
7 b1sync.zemanta.com 7 redirects
7 image2.pubmatic.com 4 redirects ads.pubmatic.com
7 image6.pubmatic.com 1 redirects ads.pubmatic.com
7 secure-gl.imrworldwide.com hb.adpone.com
acdn.adnxs-simple.com
6 secure.adnxs.com 6 redirects
6 sync.richaudience.com forward.com
hb.adpone.com
6 p.rfihub.com 6 redirects
6 ad13.adfarm1.adition.com 6 redirects
6 shb.richaudience.com hb.adpone.com
5 sync.taboola.com 5 redirects
5 s.company-target.com 5 redirects
5 pm.w55c.net 5 redirects
5 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
5 sync.go.sonobi.com sync.serverbid.com
5 rtb.openx.net sync.serverbid.com
5 vid.vidoomy.com sync.serverbid.com
5 hal900010.redintelligence.net 1 redirects flashnetic.com
hal900010.redintelligence.net
5 cdn.adswizz.com sync.serverbid.com
5 synchrobox.adswizz.com sync.serverbid.com
5 ads.servenobid.com console.adgrid.io
5 hb.emxdgt.com console.adgrid.io
5 n.clarity.ms www.clarity.ms
5 console.adgrid.io forward.com
console.adgrid.io
4 pixel.onaudience.com 4 redirects
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects forward.com
4 a.audrte.com 2 redirects forward.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
4 ads.stickyadstv.com 3 redirects ssum-sec.casalemedia.com
4 r.scoota.co 4 redirects
4 sync.adotmob.com 4 redirects
4 m.exactag.com flashnetic.com
ad2.adfarm1.adition.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
eus.rubiconproject.com
4 www.parship.de hal900010.redintelligence.net
www.parship.de
4 u.openx.net ads.bidstreamserver.com
4 id.crwdcntrl.net ads.pubmatic.com
4 lexicon.33across.com ads.pubmatic.com
4 i.clean.gg acdn.adnxs-simple.com
4 prebid-match.dotomi.com forward.com
ads.bidstreamserver.com
4 prebid.a-mo.net 4 redirects
4 hal9000.redintelligence.net forward.com
hal900010.redintelligence.net
4 exchange.postrelease.com console.adgrid.io
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 www.google-analytics.com forward.com
www.google-analytics.com
4 www.googletagmanager.com forward.com
www.googletagmanager.com
adv.office-partner.de
3 beacon-ams3.rubiconproject.com forward.com
3 cm-supply-web.gammaplatform.com 3 redirects
3 smarttag.rubiconproject.com ads.rubiconproject.com
3 image4.pubmatic.com ads.pubmatic.com
forward.com
3 sync.srv.stackadapt.com 3 redirects
3 delivery.advanseads.com cdn.advanseads.com
delivery.advanseads.com
3 ads.rubiconproject.com ads.bidstreamserver.com
3 tags.mathtag.com 1 redirects flashnetic.com
forward.com
3 ping.chartbeat.net forward.com
3 www.google.de forward.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 ads.avads.net 2 redirects
2 loada.exelator.com 2 redirects
2 aud.pubmatic.com forward.com
2 ipac.ctnsnet.com ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 bidswitch-eu.splicky.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 mwzeom.zeotap.com ads.pubmatic.com
forward.com
2 sync.crwdcntrl.net ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 ad.turn.com 2 redirects
2 5994599.fls.doubleclick.net 1 redirects forward.com
2 www.awin1.com 1 redirects flashnetic.com
2 tagan.adlightning.com ads.bidstreamserver.com
2 acdn.adnxs-simple.com hb.adpone.com
2 script.4dex.io console.adgrid.io
script.4dex.io
2 www.facebook.com forward.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net forward.com
connect.facebook.net
2 www.clarity.ms forward.com
www.clarity.ms
2 static.chartbeat.com forward.com
1 tracker.book-secure.com delivery.advanseads.com
1 extranet.availpro.com delivery.advanseads.com
1 count.advanseads.com delivery.advanseads.com
1 1f2e7.v.fwmrm.net 1 redirects
1 spl.zeotap.com 1 redirects
1 eum.instana.io www.parship.de
1 cm.ctnsnet.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 simage4.pubmatic.com ads.pubmatic.com
1 crcdn01.adnxs-simple.com flashnetic.com
1 cdn.track.production.webgains.team flashnetic.com
1 analytics.webgains.io track.webgains.com
1 crcdn01.adnxs.com tagan.adlightning.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 dcdn.adnxs.com hb.adpone.com
1 5a0b7fa0b7bc097353a0829cd558de54.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 track.webgains.com forward.com
1 trf.greatviews.de 1 redirects
1 adv.office-partner.de hal900010.redintelligence.net
1 dd03b60b7cea74449bd5679d8ed8afe5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 3beb1f81fc485bd83fb3615e658cef3b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 5910bc36042e5ea26beb34c4e16d8590.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.mathtag.com forward.com
1 cc7252416ebc341fc31d3df3ea1fddde.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 id.forward.com cdn.tinypass.com
1 ed261e9d5f80ee9aeb3267a5c8ea321d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 cache.sellwild.com widget.sellwild.com
1 a.ad.gt forward.com
1 18ac39e9d44761ba375f80b3a5165cc4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c2.piano.io cdn.tinypass.com
1 cdn.tinypass.com experience.piano.io
1 widget.sellwild.com forward.com
1 experience.piano.io forward.com
1 mab.chartbeat.com static.chartbeat.com
1 www.npttech.com forward.com
1 polyfill.io forward.com
0 api.rlcdn.com Failed ads.pubmatic.com
2976 218
Subject Issuer Validity Valid
forward.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-11-05 -
2023-11-05		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.sellwild.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-17 -
2023-04-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.postrelease.com
Amazon		 2022-11-27 -
2023-12-25		 a year crt.sh
*.consumableaudio.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
admin.bidstreamserver.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
flashnetic.com
Amazon		 2022-07-10 -
2023-08-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
id.forward.com
Cloudflare Inc ECC CA-3		 2022-04-20 -
2023-04-19		 a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2022-04-26 -
2023-05-28		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2022-06-01 -
2023-07-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-16 -
2023-01-16		 a year crt.sh
*.truste.com
Amazon		 2022-12-18 -
2024-01-16		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-11 -
2023-11-12		 a year crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
sync.serverbid.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
prebid.advertserve.com
Go Daddy Secure Certificate Authority - G2		 2022-05-16 -
2023-06-17		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.adswizz.com
Amazon		 2022-07-22 -
2023-08-20		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-25		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-12-01 -
2023-03-01		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.advanseads.com
Go Daddy Secure Certificate Authority - G2		 2022-07-26 -
2023-08-27		 a year crt.sh
*.adlightning.com
Amazon		 2022-06-09 -
2023-07-07		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon		 2022-02-14 -
2023-03-15		 a year crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
adv.office-partner.de
R3		 2022-11-02 -
2023-01-31		 3 months crt.sh
www.parship.de
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
ad-events.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-03 -
2023-08-31		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-01 -
2023-05-02		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-17 -
2023-11-17		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.availpro.com
Gandi Standard SSL CA 2		 2022-07-01 -
2023-07-01		 a year crt.sh
*.book-secure.com
Gandi Standard SSL CA 2		 2022-01-25 -
2023-02-22		 a year crt.sh

This page contains 502 frames:

Primary Page: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Frame ID: 5F4B97E74C7A0CA47675B7F17F7E3337
Requests: 168 HTTP requests in this frame

Frame: https://18ac39e9d44761ba375f80b3a5165cc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 854207A9A0DE4EA0103948AB9D4436AD
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Frame ID: 58135FFEF8DEC11B181BA37F765521BA
Requests: 17 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Frame ID: 5F6BC47695D24935BF4F9C03A6665C19
Requests: 17 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Frame ID: 693BE93B7A6E5F630BDFECCFC9696934
Requests: 14 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Frame ID: 975B708732AA8402BF27D9D741E7CDE8
Requests: 20 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Frame ID: 57C22AD96651010534B5E534EA6586B1
Requests: 16 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Frame ID: 591FABCF5D73DE32555658529FC7F805
Requests: 18 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Frame ID: A1F5828A4A97DD596C1A8F458AD4AD38
Requests: 18 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Frame ID: 0FE444423DA477B096013CF71B57FC27
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7AC6C066F1E931B6577B4C8E621BB8DF
Requests: 1 HTTP requests in this frame

Frame: https://console.adgrid.io/wp-content/uploads/crmc/library/adgrid-crmc.js
Frame ID: 3559636797F6EB2E2D7EFF831699AFF7
Requests: 5 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 09B41253882DC8052A721D782C3AE066
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDFeSoXQcSn0fKZuw61CjGK4qwGgmEjJafpzGRE-LceWs50HxDLMP7YFxpHm3uz8omq3CxxxV3ApMG_5xWDZUqQoR4DjjPr9TjL0uVZAvjns7ZdioCBSzUzEw2-YcVD7BOSBdGjhOYe7fu09H978nP1Y8rXmNRD-nLBp0JzI42zBhBzEEytaQz9nkALuR-yFKUL_AcyJlcb1afY-fX2LrJ-aNz8xOmJWPsu7QNS_UZZoLxGMAZ_x6izKnThrOvBZOutvXKl6_EILZx9cwYcQpBj3sCMus1DQrAOQypqroA3p9QnkaNZst1bvbT2MBfIpsO7CyYZ6AFGNn3r3hmCg&sai=AMfl-YQbk0DPf3s3Fo0QuD1M0krLiiDY3FWGGaR7GW6g2ky2562YLAmA37ns61cru6qjbCHHxx5kdVgoD6VuLiiC_VbNkt_DeNKtdSQrY7PXrrg11Pz9Ep8ni9zC9pPgkvcw0gvod8i5JPBY50osoFE3&sig=Cg0ArKJSzB6i7J_sMDksEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7B557029E4EBADE0354EC74EC63D35D2
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdJ4hGY3i8Td5jk1fUcDXN8w2n0xrVKj2PdKYfMFyI0lgaOKOjeQnKz0kowVn9WCfHO4ROWQGb2KB7B5sdeHcWGgCHQurLH9PWz6u0HNKjeClmHxWHbzkhNYmUqJzjMvdTBirBeJvHp38o_jwo6omzoYKUAbyFK9ErzAD78HYVMTW4YXOcPr4LhT4NOOzjhM0MT7_r2Tvsx_Cu4oljPSWaorBsgbBxpE6P_1B9zOvruUZ8DbNsi5p4yCag2bXy_DuvIR9UI6fojQFNpRa1xSxXFl1-zoM6J-qxkZYaAo9lEJMO4g4GE0HeQkmTq5AvBMENt2HoKRnRMA6GKFBN8A&sai=AMfl-YQ5B1QXHs9fW4FFZYm07tALxPaP8vvhWGifSzte25ovZvsops_9CIK3-qhGUhI6Wf5D47Hac_9s2p89FGPP2ed8ugqAnURqgX34RL5fo5yE7wJxiZHsMe0jcsNqWrY&sig=Cg0ArKJSzDcvI1Gt-BFrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3279B8C742412C6FC0852F35C9EB2779
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6hWPy5_WKLUAoVuou-L6BHwxSDUAFpPuJ5aWTMnlAZzECfIPZjtbQQAiydpodnFXU6dMmpWMTjtqy5o7kQl5i4t2Xe2totHurjBn_ZAUjl3lfxDm2-gQDUGx6sXXqJqho3rf1KmK78sdmqHFbxwGIGuq0sfu7wpLSpixbixAGeq46FrpnILih0yyUPh6mIkDFClUez9oEY6eEP50lJmXp4PCw9zuuFAKzCejphZp7neaqs8CKnNzX5TUswi4gwQyXk0ig0tDh2hYP8W2DwxBH6grWwppPlo8PnDxKUiSblCF5cpCJ4bVQAc5wpT52f8-HUf3QYxLXBMjnszQOzA&sai=AMfl-YQaRkKgMyxEj1ArUTwkeFMCpvPPsSmQxExTxF_zlRgJshQNSbgUHATk1ZF64ezB5_OvskGfrzpuwRPiKtLMXvtZGWd8AYkzIqRZQA2hApfnIMhKaeGWoA8NYyR_QIk&sig=Cg0ArKJSzJnXQodKCiBfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 262034B08C369CFED5C91872786678F0
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BAC357FD11B09111EC45074BCDDE67F0
Requests: 22 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kefsgtnvo&e=1535582086632
Frame ID: 952245563EBDA359D853011ACA7B3B42
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=vwggzaudv&e=1535582086632
Frame ID: 7BCBCFDE17BC177602A6839CD330D744
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Frame ID: 18D79FE43033A654C30FEB822CBB386D
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=cigritfmlj&e=1535582086632
Frame ID: E57D876F862B4710553D1AC3EDB9CC20
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Frame ID: CBFAE64253F5572EA5BACB7D5893D0E0
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Frame ID: 0273965D3F592B680DCA1DF6C9B3CDBB
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Frame ID: A1CE1B6D1C93F9DB7681E0F8297D7FB6
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Frame ID: 067906B4527F2FC02F8566F663CD5C90
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Frame ID: 33ED25A54677FC01746E81995D06F607
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Frame ID: 3332A5A681CF91100594F660890E22AE
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Frame ID: 6F22C14F58AD0B78706A6FC7CC2B7620
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=fcxutwsyos&e=1535582086632
Frame ID: 1EF1FD72C1DE5006F393CE318328B79F
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=uffdafdut&e=1535582086632
Frame ID: 697C7A94B8B323FAC097682E05FD68D7
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=cqjing&e=1535582086632
Frame ID: ED48227463334DAF8AC1C1083FDE55AE
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/gampad/adx?iu=/92510019/custom_rich_media_ad_tracker&sz=1x1&c=2066204337&tile=1&t=crmc_id%3D4002
Frame ID: 99D5CD1F527DC9C09C8C00D7C1015829
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt_cHDGm6DrGvb_1AdVk2Z18QuhXS47D3AI0YPf1dcI6-rjLD4iFFgOGPXmPGm1Iciiu7j-r-f0omIVxwcwMUiwhAeuNhxdizS_lih2LS1l4oTA3hQakgOa5IRDh8QS4K2XtyBzrsHUBFLiWriFxxUiE83gqlHQZdE1BF72KG6mBjFqdJppe_TS0rS-fMrT2T38ihTNVPUDobNv6aXKd5RTU50DCsUUyTaEJDq6RRx8VWOJE0gzSa9JVwTMD0SQDbOz0-TU4DxeFB4BSA9V5cYybx_vWSbhC8EpRjwevtE5Qry6k8HxJBd7QLaMZqHBzDW7dplxmXJ-vxm6Xl1Ug&sai=AMfl-YQkl6a9_1p6DQ1-GeLf23NsRcYl59xbsPjpWcUPrJuTcvRlLUB6sdSDatw0AeouTYrNfJ6XXrqJwiznsKOyi5Li87JE-x1CCml-9Z5zNG2BPvwG58BafS0HGKS6lhw&sig=Cg0ArKJSzPOzy_QnSeg_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5678F32BC653E4D66DCC14F0554E68CB
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D2E8F5CC52D3D3C7E1E2E578F00DACD2
Requests: 23 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=cujjtcwp&e=1971603729092
Frame ID: FA8A65230E583B7D8647DABBA63C5F13
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=etmctaf&e=1971603729092
Frame ID: BAFD84ACD0287BAC2621DDC080B02F94
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kwqcltffp&e=1971603729092
Frame ID: 70D35CFC2ADE91430D43EAA0EA26C4D5
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hrrpjho&e=1971603729092
Frame ID: 2C4323651DAA604551E8153220480A25
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rrurktyjt&e=1971603729092
Frame ID: E538658D18CC5807384C53F4FA1D34E0
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hmvbpoai&e=1971603729092
Frame ID: ABF1BA92BA17C5A07EAD6A128B6923D7
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=mvlbcgh&e=1971603729092
Frame ID: 80A323198BEBC7F6D4EA5A9A4360ED1F
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=tnpxzjf&e=1971603729092
Frame ID: CE8877B4C42045A34104F752567DC66B
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rwlksmka&e=1971603729092
Frame ID: 97A193D6B846E353031AF73C0C36D429
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=glwywkm&e=1971603729092
Frame ID: 5DDAE7856801641E9A0BFB4DFFAB5831
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xsxkp&e=1971603729092
Frame ID: 582D5FBE9E18C3CDBC91047017ABD163
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=nhlvbl&e=1971603729092
Frame ID: 0189DC262D65A0DDBC0BA7B2EF87387F
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=fdicgvwh&e=1971603729092
Frame ID: 67EC7B6728921FA740301DBC327E3469
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kefqmat&e=1971603729092
Frame ID: D8590A1EEE28D7B74DE60DEDD613721F
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshDRJxfIAPzHmOIHInA2RSOLPgxJnKPFtCmTB4PPoZa_IUG98_siOCtnAcYlZdNBo8z0jRxnavzSF7kvhP4TcICk6MiQstV8pmBmDLt08PO_bJ6VdUlsnCLYyrdFL9Luum03U8m49_qX3zTTYbjZASSsqNkwrvmPJaEAjLTke7pseN2tZzNCnORRuwZN4TWz0PFmdgpX2w64l9UjVgS1Smutxhk7MSRGaaBLYX6rt3kw0cO8cQGZEiAOOIZ9TCKiY2bkhcRHv0l3c74MV2aae1Tk8cvnDv1ZO8RQ7f7z4r0sCqOJta3s6rf0H-bwE2Oz1iK4-DCLxowyNg1KzAaw&sai=AMfl-YQqQRNyXlIHdENiZ11O3vqOOGNPJFAVqXRVFIfIQohpCfV_RWS9Vhq9u50UHHM5oqIyLGB-ljRWKVID4COxZE9_WJa7vUUuWpm95ickLHw-EiRWX1ON62nik7DlMTA&sig=Cg0ArKJSzGoXwazVhNdSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 76BD3CB2678B3DBEC6F3DB4DDC465302
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH5S0PGVbjYdKl8phHsXTce_vr9jeQx_LdI_CGxXbkykXLtArGLQUaJAFN481Fv90ytb42HDsvqIzJmXjEPx-6HXo6qpVv0jV5qQ1WGZWRA8Z9LzqpDswpyuAPRybO1nz4-ESomu_tIvWnhA-PRH6JECnfS8a9plYaUg5XIQlv0bS7P68Zu8cej_8ksHJBi6jUND3kDw8hx_CSt2W_1GOCZhhKzPDOpmKIy0YLpSPh774-ZB734JNKjKnNp4lCrZVkOddfDIB3TeFNzeRKPQl9a5UtT64TwfMQtYXwr-nI2hxBwECsr5IXenOZbRFiQvyDy0KR8Q2ahdYjnNQYkQ&sai=AMfl-YSKQ4YSLIKyAIgz8HNZ7slxOktrQzsWETaqStBPkKagXnn8n25whFg60y0v1syPogKsVlcDgMPkXg5qn3_ncv3tVbSMZr8HHHBWWZyXq-HHhyHj4j_mp6VAoaaHvv8&sig=Cg0ArKJSzEBrr-pVdl8TEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: ECB99CDAECD85352D1AE0F480B6E46C4
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EF105678464FF0C6CE1C3A12A0683D8B
Requests: 21 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=pjbsvsf&e=1544311770728
Frame ID: 0075CE214A3DD8D5F05F5E8BB99F5BF7
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Frame ID: FB2BD05AD86262A8519F42A60079B079
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Frame ID: 426AE9871FB09EFB0F72DAB222E3AB7F
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rvhpjgub&e=1544311770728
Frame ID: A5F9169EEB2AD58B08A61DD29F33837B
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Frame ID: C7D0E9DF83346F352E8991253EF16CFF
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=jxkpnhr&e=1544311770728
Frame ID: 3A2F7DC7D21B864FB23472724CAF40C3
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=nkjzjgi&e=1544311770728
Frame ID: D1D0C4D5EFFA232C66C98A74442CAEC1
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=pqhllppa&e=1544311770728
Frame ID: 5373ED35CBBCBEDE319B4C60F3C5B241
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=awtdrmcdqn&e=1544311770728
Frame ID: 283884A8DF02056B49A8C065BFF80337
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=cltyrs&e=1544311770728
Frame ID: 975CB3F355DB2286E419068116D2FB8F
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hnhz&e=1544311770728
Frame ID: BD254F4143F33D977068E13214895F8F
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zistsjmioy&e=1544311770728
Frame ID: DC4156115647F03DB624F720858EFF7A
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=nlrgpoa&e=1544311770728
Frame ID: C27A4ED9D4F0A35813783BAA2B5D3631
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=lrvtjrcm&e=1544311770728
Frame ID: 8D61054E5D7A95B772D582783D8EBEA1
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Frame ID: 2E2EBEAF67116AC1B6D1F6043A008F63
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Frame ID: 64CC02BA44B1519B479D36E208036986
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: FF5F0CD00EFF086A92FA78BE0BCEE587
Requests: 21 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=givah&e=1066281148413
Frame ID: EE012A17698B95E314FA0E1B2A15ADF0
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Frame ID: 4317BBA0947BF14C91FDE0BF0FD46C53
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=vizblti&e=1066281148413
Frame ID: 1F1D013D74B732063375B0B5257A90A7
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=okdiqcd&e=1066281148413
Frame ID: D482FA745BCD493D5FE1D799D1791883
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=pizeyir&e=1066281148413
Frame ID: ABE42ECDC9BA80224E68ACCD72ED1AAE
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xmxoneb&e=1066281148413
Frame ID: EE7A12EB5401DAFA87B233288706B2CB
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kvhzjtyfqq&e=1066281148413
Frame ID: CFBF58F69547041FE282C7E738F0E798
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=efkknsne&e=1066281148413
Frame ID: 0F1DEDAB21DF24E48D2F12681B91892F
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=elprofvcf&e=1066281148413
Frame ID: 07B2E647C9F8C4307F995DC5066FE4A5
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=uzafkcyj&e=1066281148413
Frame ID: ECC5261A03F7E70F0DA4C77AF70B7A45
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=inlu&e=1066281148413
Frame ID: 2B0FCA11E76CB9365415C1F170551553
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=jmbcovogv&e=1066281148413
Frame ID: 7CDFE94032B0857B67E5CCE959081FEF
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=fjuorydv&e=1066281148413
Frame ID: C3A1093AE082FEC7745FFA9A8E020403
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ialitks&e=1066281148413
Frame ID: A88D8C52E1E3224D3F8F1AB2DB5048C3
Requests: 9 HTTP requests in this frame

Frame: https://ed261e9d5f80ee9aeb3267a5c8ea321d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 0748E6D0EA9C8A7DA8FADA109805B2D4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Frame ID: B9458FB9C5E9E46522B680AD4FB43EF1
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Frame ID: 2249DDF589D974A8C4B73B3622D7C3F3
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 26701846DF6FA013ACE110156E2ECFA0
Requests: 22 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zzjahlbgrgl&e=1895969627920
Frame ID: 230D2826844E722D8B27132C59041BA7
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=owjeetsg&e=1895969627920
Frame ID: 9AAD43D70CEA6D2341F029F329D290DF
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=bczvkhbc&e=1895969627920
Frame ID: A40E79D7A47259BE443C8F4E0FDD1309
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=virowxpvm&e=1895969627920
Frame ID: E491B282B66AF5E5B872CD36252BBA25
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=fcpruxcdav&e=1895969627920
Frame ID: CFEFAEB56B2725E6A1938655893735DC
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=pnscqapml&e=1895969627920
Frame ID: EA1212EF3DEE1B008CD9766A1555D62C
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=wslqjeso&e=1895969627920
Frame ID: 055AF53E50A2C71C82591B3DE0100557
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rvrghwgt&e=1895969627920
Frame ID: C47EF1E6FD7834178B0D4C21E984C1A4
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=esmtyaf&e=1895969627920
Frame ID: 3A43766B997AE1BEAEB88E44A964B16B
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ihyiflzn&e=1895969627920
Frame ID: 01766FD3485EA4C880A38C09D615CB0E
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=wgbkvtvn&e=1895969627920
Frame ID: 7A82F61068A84388C7120E5131E71745
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gvclp&e=1895969627920
Frame ID: 018F889523D7878A6972612486AC00A2
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rdflkmkh&e=1895969627920
Frame ID: A59C50EBB8E386FE3C1560657D2BAB9F
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zltxliabk&e=1895969627920
Frame ID: A69070A468337763C39A4F60C8D2F2E0
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4B9867EA861379FCAE08ADA8F6524301
Requests: 21 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=lnjwvpico&e=1828802515028
Frame ID: 8F0CA0B924A1BF33778740BF70FFC253
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=sjduzs&e=1828802515028
Frame ID: DA0F918343FE52BEC09D011B4CC44581
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gpghfnc&e=1828802515028
Frame ID: 9A7331E692AEDFCA6715FD9B00835F06
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gfgafyhya&e=1828802515028
Frame ID: 6F278985C09994DDF431C6F392FDED3E
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=fvvbvws&e=1828802515028
Frame ID: 859C91331B5D9F7929FAD19D69EF3647
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=auwgldnwcs&e=1828802515028
Frame ID: 1CA38F1E32B2F9A28AE679EBA02007B6
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ywmfdyn&e=1828802515028
Frame ID: D2ED7C334096B61C14C0CE87E38B02A1
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=dodgrpmnji&e=1828802515028
Frame ID: D9119A9313C9146CC17C30F6C580F92A
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=bqyzrqb&e=1828802515028
Frame ID: 46F58C4188561D5A2C64151F982A457A
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=tluzouto&e=1828802515028
Frame ID: 171558EE887B68FB44219A5E399FED73
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=amszaskej&e=1828802515028
Frame ID: A4F6343CC61B646F49A25A3D0AC54DA3
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=fatbtylgv&e=1828802515028
Frame ID: 514DF1ECD527167055E3B961B78AC8F6
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=yvopv&e=1828802515028
Frame ID: A6B66170A3EB0FF720E53E8D44F76767
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gfmenxv&e=1828802515028
Frame ID: 964E42B64A07BA79481ECA6227A5119B
Requests: 9 HTTP requests in this frame

Frame: https://cc7252416ebc341fc31d3df3ea1fddde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: FCF7FA587764636EAE8C726FF979163C
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/js/adition.js
Frame ID: 3444EBBA087D3FE9FF20C192572B18A2
Requests: 14 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 8045A5A7EDD50E6CFCE97DA1184B6234
Requests: 20 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dicavjgt%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=759780.1377941741
Frame ID: A9318DB05EF782D94BE583905489AEB4
Requests: 20 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dybwpafwce%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=524893.7704190068
Frame ID: 93938C42C7C7562DD1AA812BE8A9B0FB
Requests: 20 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Defljs%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=273351.3404336505
Frame ID: 90BF49F5BD1CAD81ECAE0DD3B54C5C8B
Requests: 20 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhxphinku%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=861478.9890703169
Frame ID: 9936362A23D022499AA85D8DE7E5CFDD
Requests: 17 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dajdxfouger%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=599051.2576137336
Frame ID: 96B291F0B57B3C33A974433BA5ADF9D5
Requests: 19 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsqwwysn%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=673638.9531040796
Frame ID: 3A7CC3130729A5F3A5CDD9B5AB67DB41
Requests: 29 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/9odysa1gd1m7?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=606178722513727505&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D
Frame ID: 3B7F64324D7F1A38DF653A0EA7585CD5
Requests: 14 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgsuhtufxa%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=933695.9180746984
Frame ID: B5EEB551D8DF76F6A3C18CEB6D2693B3
Requests: 29 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 2F0C63E88085F17ED90A56657389EFB5
Requests: 20 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 3516F0E98CC4D5C57BCE2666520F697C
Requests: 20 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: BE2CF46D89FE6B24600C44077A10F80D
Requests: 20 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2001415.html
Frame ID: 60A4660D2F62540CAB04E3DF48DA5ADB
Requests: 13 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2001415.html
Frame ID: 75023F7557302B40CDD7AA207C76FE59
Requests: 13 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2001415.html
Frame ID: BF679B4F96454254ECB21EE4AD5218A9
Requests: 13 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2001415.html
Frame ID: 5B14D1D0529966B5B069E591052EE05E
Requests: 13 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2001415.html
Frame ID: 77F6571A839B75B53CEFF190C245A684
Requests: 13 HTTP requests in this frame

Frame: https://5910bc36042e5ea26beb34c4e16d8590.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 8C8D64DB6B512E3D1C4B3B84CDA0C9B5
Requests: 1 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9Pwoi-xNfWQYwjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAoiDSQgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-hbj2QjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYxOECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2MTg=/bn=99364/clickenc=
Frame ID: 9CB5F6E4A4EC0638DD453BBC4C261831
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: C20A8C9B867B152B1C3F7FB518C4A6C0
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLIDfBMyAYAAAMA1gAFAQjWnpudBhCKxOyf8auWgzAYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeKSIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFqSC10V1FqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeE9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYYU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YQExnR0NnLi6aApkBIS1oYmoyPo0CEEo3TmZ5AbgEQXgRQixDRUE2Q1VaU1FURTYlkUBFQ0lNRWxJTXhaTlp5ZnVQMR1hAEYdeQhHRzQ1ZQAyHRgASB0wDEhnQWlFoQEB8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSBzQ1MDYxODjyAhIKBkNQRwEUBAgxbaMBFQgFQ1ABFAAJdaI88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAAFQkgWENPREUSCUxBTUJPXzEzNvICDAoIQ1BHCRgcAPICCwoHQ1AVDhAQCgVJTwFqCAc3NoU1BSEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcFQoIU1BMSVQBTRni8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMTY5I0ZSQTE6NjYxONoEAggB4AQB8ASloiCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6SIBtIHDRVkASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=4ae49b0dd9ea4a2a7ec8b823025b697b787ebab5&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcujjtcwp%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcujjtcwp%26e%3D1971603729092&
Frame ID: 73DA6E2BB1A4CF7417761D597B153887
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: D573859725C1733ACE159D099B938ED1
Requests: 20 HTTP requests in this frame

Frame: https://imagesrv.adition.com/js/adition.js
Frame ID: BCC682584805A170FD033AF5D00D392B
Requests: 13 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9P0Y_g_urAXQHjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoApCGwmAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_hYA2wjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NTc3NkCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjU3NzY=/bn=93370/clickenc=
Frame ID: 26905FFAF279F6CC0FAB3A57F4F0F4C7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 75DB79F602570F998B898AE903CFDC51
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLIDfBMyAYAAAMA1gAFAQjWnpudBhDG_ozcv7WAugcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeLrZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRWC1ETGdqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM051QURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUUxaZ0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIV9oWUEydzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAa0NJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfBARHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEQoGQURWX0lEEgc0NTA2MTg48gISCgZDUEcBFAQIMW2jARUIBUNQARQACXWiPPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQABUJIFhDT0RFEglMQU1CT18xMzbyAgwKCENQRwkYHADyAgsKB0NQFQ4QEAoFSU8BaggHNzaFNQUhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHBUKCFNQTElUAU0Z4vCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjU3NzbaBAIIAeAEAfAEpaIgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe62QXSBw0VZAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=bddaa7ad74c5b8fc61db986b6e6d9663e8b0a657&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhrrpjho%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhrrpjho%26e%3D1971603729092&
Frame ID: DC1012B7C68F3F5D56A1D9D3159C3F4E
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 8529434230F1D66008C48F341936DCC8
Requests: 10 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9PzzsOzqF2igtjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAyyFXpQAAAAA./bcr=AAAAAAAA8D8=/cnd=%219BZB2AjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYzMECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2MzA=/bn=99395/clickenc=
Frame ID: CC5B6A488A3E256E817405E7FA42BA34
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: CF0407D0E1084B2CDA4EC624C35D7594
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLIDfBMyAYAAAMA1gAFAQjWnpudBhC82O_R09C2lC0Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMOIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFrbjhGV3dqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZek1PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYbU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBITlCWkIyQTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfBARHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEQoGQURWX0lEEgc0NTA2MTg48gISCgZDUEcBFAQIMW2jARUIBUNQARQACXWiPPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQABUJIFhDT0RFEglMQU1CT18xMzbyAgwKCENQRwkYHADyAgsKB0NQFQ4QEAoFSU8BaggHNzaFNQUhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHBUKCFNQTElUAU0Z4vCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjY2MzDaBAIIAeAEAfAEpaIgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfDiAbSBw0VZAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=76afd6dd7a3d386a5fbb6dd4eb63ccf16d663587&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhmvbpoai%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhmvbpoai%26e%3D1971603729092&
Frame ID: B8002D1DABCEA4B7358EFD1BC7C393C4
Requests: 8 HTTP requests in this frame

Frame: https://imagesrv.adition.com/js/adition.js
Frame ID: 9A698E0EC4C9AF2D78BFE261D1DD5795
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: CE342C135073C76FD151E50B35348F2D
Requests: 14 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: A4FA8390A9A70372864B7B389324B91C
Requests: 17 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9P9T9pXhZens-jRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoA9CIGCgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ARfS2wjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NTc3OUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjU3Nzk=/bn=93374/clickenc=
Frame ID: C0006B3D771B8FC09AF0B65F730AE788
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: E943A6596BCC9D9FE2F2A5C7A9176FBD
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoF_BMqAsAAAMA1gAFAQjWnpudBhDU-5fFl8vevT4Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeL7ZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgLpDiFOMjVRbVFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM09lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVNxQktZSENQX19fX19fX19fX193RVFfX19fX19fX19fX19BUmpfX19fX18FIww4QklQBQkJARR3RW9DREQJDAUBCDhCTzIgAARGQQUXDQEIQVVqDQoBAQg4QlU2LAAAWQEWEQEEQVc2WAAAYTYsAAB3ESgBARhBWGdCZ0FIAQsNAQg4Qmk6EAAAazoQACBtQUh3MHBJQm86GAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAIDBBSDVob1VNMjoYAAA0OhAAADY6EAAAODoQABwtQUc1Qm9BQw3hBQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4VAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAQZUFEQU86FAAAZjo0AABmOiAACFlBRSXtDQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUYN-wUBCEFZZzYQAABaOiAAAFo6IACYYklFQ1FpLTZoRVFuOXlrRGJvRUdRanRDQkc0SG9YclViaWVQeGtBoaoFAVRDQy02aEhCQkxnZWhldFJ1SjRfeVFRBRsFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVc2bmV1RUFha0ZTRE3NJAgteEIdOwh3UVUFMgUBCE1rRgEIHG9BdHE2VF9SLigAADIVKMBEd1AtQUZ5d1h3QmF2MmpRbjRCY3lFa3dLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVM0QUFBaEFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFBUmZTMnc6bQcoSjdOZnlBQUtBQXgBZwEBLENFQTZDVVpTUVRFNsVxQFVDSU1FbElNeFpOWnlmdVAxPSwARj1pAEc9gQAyHRgASB0wDEhnQWnlgQEB8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSBzQ1MDYxODjyAhIKBkNQRwEUBAgxGoMIARUIBUNQARQACSKCCDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAVCSBYQ09ERRIJTEFNQk9fMTM28gIMCghDUEcJGBwA8gILCgdDUBUOEBAKBUlPAWoIBzc2EhUJBSEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcFQoIU1BMSVQBTRni8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMTY5I0ZSQTE6NTc3OdoEAggB4AQB8AQSggogiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe-2QXSBw0VZAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=9c604484f6c30f1f92b00fb459008f59ad3b960e&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dnhlvbl%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dnhlvbl%26e%3D1971603729092&
Frame ID: 6F843604273FE5C1F11B22C8A24D0529
Requests: 8 HTTP requests in this frame

Frame: https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: 0421255B8F8D02C96D00A39704F34602
Requests: 1 HTTP requests in this frame

Frame: https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: A9C122D37716AAD7CDF031E2DD420D03
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: B311D39FE0FBB70DDCE88E9E8D211D25
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: EB0F81F25DF31747F1A9E497C2A83A3D
Requests: 20 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Frame ID: FFE361EA1CA161A0C8D7BA72B3529C60
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: 893C8069D75536414C1E804FFED7C33B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 36A3B5ED756D7A4F6599AC42D38486F2
Requests: 6 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Frame ID: 636EE1BF4D628A5285D07936A4EAF389
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: A8A0BA361C42D5007D4A5AFBCC9968F0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 57FA3971D32022BF9F003B5C482DC250
Requests: 6 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Frame ID: A5BDDA23322AAE313BB497AC7448E0A8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: D0FCFA07BBB0D35E0B2202E94B562D47
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: FCBAE6041BEA06134FCCCCBB42A70A0F
Requests: 3 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Frame ID: BC6EED6AFB0A6203BA1A0FA2553D39B1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: FAA92793B521EEBB1D8526F87A724CC0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: FB042718C91D4CBEC19E67F72C27D001
Requests: 3 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Frame ID: EBA171AE5F9A4F82A64292B4B9FF7303
Requests: 1 HTTP requests in this frame

Frame: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=638&fcid=950&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=41201069&millis=20221224050716&hb_request=98989297&hb_error=decline&friendly=friendly_41201069&language=de&pvid=82898819&resolution=1600x1200&txid=29916087&frcn=0&sid=8&sver=1&tagid=ad-15977849&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Frame ID: 8B6D9BD5DC62C751CDCFDCDE4A4DC6B3
Requests: 1 HTTP requests in this frame

Frame: https://ads.bidstreamserver.com/servlet/view/banner/javascript/media?mid=0&cid=950&pid=0&zid=638&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=16954618&millis=20221224050716&hb_request=63491654&hb_bidder=appnexus&hb_cpm=0.0126&hb_adid=22e08c8cde22646&hb_dealid=null&hb_size=300x250&hb_async=ad-83406151&language=de&pvid=82898819&resolution=1600x1200&txid=79877780&frcn=0&sid=8&sver=1&tagid=ad-83406151&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Frame ID: A6EE896E25E06745E075EB75B0350C81
Requests: 9 HTTP requests in this frame

Frame: https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: A742B6789CE413220B563BDCF31C8390
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 62767635C82F09565153AE1B70BA2EBE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A5044EC4580AD06DCA8FD89BCD826BF
Requests: 2 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9Pydo9CJYdeZ1jRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoARyKSywAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-xYq2gjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYyOECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2Mjg=/bn=74492/clickenc=
Frame ID: 8A4B4C06513C975924E07881229A68FD
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 5B39935654BD5006CC3337DA02B8B582
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: 64B6FF21EEA4C1A5F0E315D232D5DCC3
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 84A8A783607E888377D65A219197FEE5
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: EC3487D90B3FBD2291AB673A0C4B440F
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 24CBDDC368B532B96CB3A20D5C6BA1E2
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: E2E05080FCC2BF8DA84F2562EB623895
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 091DB592DFD63FC55C1D2AEFC3327065
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: C39E7ED82264FDF8845D6F6ED03F339D
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: E366B7E7BBDAE01A9CD39DAF19780ACC
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: ED46C2E91D15A5FFF51586B3010AE263
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 894E5F868CF0BDB47B88BC7E4AF521B5
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: 1A6BD4C2A2600601601677DB49302386
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 981AFFBEFF4C389B6772C7F1545539F4
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 3CF9D84A7E328CD685109D9C598329DC
Requests: 16 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Domaxbbue%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=104085.63713330677
Frame ID: 0E9D21595798EF6D07D480F1E0C428F4
Requests: 15 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Drnekscbjcg%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=248886.98557302312
Frame ID: F2A881484008874B261807B87E61BAFC
Requests: 15 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: 9A07A5E2CB893E7CEAE9235D1F37239B
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: AFC9DBA904AC0192B04705E83B4A4D93
Requests: 3 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dppqndwhs%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=534526.3713044231
Frame ID: 434A1B3D83E6E698066B1F02AE019E41
Requests: 15 HTTP requests in this frame

Frame: https://imagesrv.adition.com/js/adition.js
Frame ID: 7DB7F44C0F0A7CA80FACB2B03B6AC815
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50069D34D5E685F9AB7662725AED8034
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 728C5841F42A5AA880A2F2D8BEF3848B
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 06943BE85ACB5407CEEEAB150DC6F1E2
Requests: 14 HTTP requests in this frame

Frame: https://cdn.advanseads.com/content_server/1.0/adv_jstag_2.js
Frame ID: 5B10A76DD2727ECC5067395FEA481CB3
Requests: 14 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 1E6355AF3D53190D78D919600A9A3E36
Requests: 1 HTTP requests in this frame

Frame: https://3beb1f81fc485bd83fb3615e658cef3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 457BBC46CD2FFDBC106D38D554F80C75
Requests: 1 HTTP requests in this frame

Frame: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=637&fcid=951&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=11346887&millis=20221224050716&hb_request=17182134&hb_error=timeout&friendly=friendly_11346887&language=de&pvid=82898819&resolution=1600x1200&txid=91375395&frcn=0&sid=19&sver=1&tagid=ad-86335943&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Frame ID: 6DADEC4BF447B9596D94A18B067DC0F8
Requests: 1 HTTP requests in this frame

Frame: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=637&fcid=951&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=18961229&millis=20221224050716&hb_request=10257702&hb_error=timeout&friendly=friendly_18961229&language=de&pvid=82898819&resolution=1600x1200&txid=41784790&frcn=0&sid=19&sver=1&tagid=ad-9091948&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Frame ID: FD161FEA4A895211BA176660897ED0F4
Requests: 1 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9PylL6_YYHHgnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAoiEAmAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-Rae2QjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjU0NUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY1NDU=/bn=99145/clickenc=
Frame ID: 67CC7E14C127DA44FAFFBE4A69A6CC09
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: DD0678FDC463986080CD9534D850829A
Requests: 3 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: B35F6F6C624DFCEC98DA15DD7C22D744
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 3BF9B8D0E66BEE8006607732B3149775
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 20C010C3A237455DB9E4EACAE0585FBA
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: D10D2A14C336C7D88737B89475EEA40D
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 15892B91C8A60C8124274FA166229B34
Requests: 2 HTTP requests in this frame

Frame: https://dd03b60b7cea74449bd5679d8ed8afe5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: C5ABF470A138F7B012BE22ECBEB84A7C
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 490A5599FA54C7040BF63E07491655CD
Requests: 2 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
Frame ID: AD688C9AE6317CC78B71D1F790C3234F
Requests: 5 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607
Frame ID: FC81E66B5736F0A49DD925ADDF70A96E
Requests: 2 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
Frame ID: 2AEF817355618D92CFD4443E8C065C49
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 7DD03F3B13D735A1249FF473BC11816F
Requests: 3 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/23684.js
Frame ID: 2752BD32736219725664AF7FDD18561C
Requests: 7 HTTP requests in this frame

Frame: https://5a0b7fa0b7bc097353a0829cd558de54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 800966F5E2F20BBF485F7F6C46677AB2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 3BBC047E9B45EC2AE0D9CC1EBFEB1620
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E19EE0AEE14EC720213A3CAE9A29C67B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8A0D6410BE0D9353C5718B53A93296D0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2F8BD4FBAB463C1ABD7B953EBB88E57F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: C75662BE57F115A2D9F8BA7E3D1C5803
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0ABF597A5BBACEE711CBC523852D46B3
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 854B27A26E8842BBCED8D7818B7D8C22
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7C8CA547870952F2351C990C3023D662
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 028AC7B5A46EF325E43D2D53D249314C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4655B79F16280C2CFDA4E1E377A2E402
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 3FBC307A1562EDCA467FC2C86D99C6FD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0EE4B54ABC6FC754C1D97AF7F81D4A04
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A736B5303D0800D97A098441E7D4DDC8
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D47E1011D2E2F41631A2FFD9276B601A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9D9FDD39B552D602B1319554A6404A76
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: B7D99CE74E027FB48E263822582A27D1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C33A4181C17156E06AF9546F5FC15A20
Requests: 10 HTTP requests in this frame

Frame: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Frame ID: 5B21B225D30302917F3D143610D8DA5A
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 4CB65B9E17E78D9755999CD93F30A3A6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 94FC02D508A22D663BE3F5CCFD0A26EC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E3643494FD542F8A07F9AB5A1011BB66
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A436451708E4B8452127ABCA75B68407
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: C67E1C5DA5C99AC057BC9CA1F34CD2EB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE4FE013AB1F29693E35455C7B3FD397
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 451CDE557FE2740BA30429AEDA01A69A
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4FB6F046BB5EF150E571D7D0A1AF7EAE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 6057DA6AF720D017417C7DAA6A612D55
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A1DE528E72269AAF6081EBBC583CEA79
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ED16D060054902943A79D2085C0AC860
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EF02529EFAA0A390ADA3F63DE258EEB4
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: BD023FE77F2D07AE5A45669301D3445F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 57034B0CAE3C0EB843533F229ED2317C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3F22FAD5F58BF9FE98A454162A511CF7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 35CFF696522F11EA22D65C31B72E4203
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A0B64009ED594EB68DC0387EA2C011A1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BD401542B47AB86E18CDB55BD18E9681
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 08FAAEA9552CC4B441C165AE722E7116
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: D874CD337E4E0D34ED3064D9E36F5D5C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2619FE540AA8663F6CA3E260D249F3DE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DC97653C7D8C99E162405213BD9486A0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: ECDFF6D526694D8C6798F857DF282167
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC3FD68C9F843C60FCE47CAA4E6689BF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: DEBDE230CB40EDC7AE71A0468ECCC6F0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A3F6E3995C3144CD7751E8C328170034
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EA327709E415FE186E309AD1D349D1E8
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BBDE866CF9B73527132BADB5272D1238
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 44BB9831818FD8B6C6B9CFC400226D65
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B52EC3F955DEB30160F4B9D826460652
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6C998FD7F8C2E9A5D7FD365F48FC3258
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: B625E31C1E47248B8CAA106FEC5C23C5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 20C4F26F3DB80288D4AA6017869EB919
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 130945120306EB975A74A4E74B4145BB
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BD491DD0A81BBA7E153845941FD5E61B
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7548B36813A704847A15A2B48D8BAB85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EDBF80DD572906BDBAFFDD9C33EB4913
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9FBD2540EA21C6DB21B1EDB245F3CF02
Requests: 2 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/02aea8ce-bfac-4fe8-b53f-a52391e7405d
Frame ID: 482FA56ED80AD3AD861BAD011C6DEFCF
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97cb63a6-cf57-4b00-93fc-283781cb1270&gdpr=0&gdpr_consent=
Frame ID: 1FBA61F02559C809920D803687D54629
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: DE70A9B5F757D064F86FD530903BC419
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0F8060112D0F279974E80D468B1EBAF6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 132AE491E863794FB2A6DB5DEB8EB531
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6212074435349714829&gdpr=0&gdpr_consent=
Frame ID: 16E44020E7DC1C3150749654B1E937C4
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 79231E4894D866C6333878EA922AB76A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180654624183416986&gdpr=0&gdpr_consent=
Frame ID: C52D54B37C35FE28AF40D7515CAF3825
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 5F94C8BC15983E7BE9935A578BE50313
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACvtU7HTZ8AACCc-W2WOA&gdpr=0&gdpr_consent=
Frame ID: D433DBB5755BFD714FFEA64C373828C0
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 4BC1A88CF77C06607C50EA7E9E117BA4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 30F823AF9F0E5E30C69DC65CE5B4B02A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: DD58227BCC5EA3970492FB814BEB3B0A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: CD747BA1AAD03F0D11E42CA74F45AEE0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4582704781
Frame ID: 4FE75BA3CF247EA973DAD8519BC08CD9
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: B91E41020D42EED16ACC74E1F85D92D3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7D70B3F494B474334F0349740F3E283C
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e5cc4c2eac971790/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVjjWjXngjRTbTRa
Frame ID: 95123A3BCDE81D4CA55CEC6D73B616FB
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Frame ID: AA7116956EC342214CF992E992C664EC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DCA2EC86E6C201F15E1A559F80B9C536
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: FD93A9D2F8A1460BF5C4124F1948A672
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1352807AFF75DDB36E212F1C16588DB0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 46F587C115A58F3D938D82C4E9704849
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E9E29C224C66278B865D7E0CFF5D0DE0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B4FB838B3BB4DAFF4EC8336067665A20
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6E29A7191D8F014EC59F3C1D6294CD70
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: AE8A01865F916CBFEAE5FAB84E3EF439
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3228D20DB315EECB652B0BE5356F53C4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F81A30FA51200E16238EAB5FFAB5BF68
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: B23435C7FE1ED976B53FF3FD41F72179
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0F3832C93C83D28CDAE51F8D17FC41C7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 45A52933599DE2D7B065B4A166153B2E
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D4EF3BE46F0381309BBFB5997CD16379
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2DF394F63F305FE9FAB71388EC302E6C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: F3994D3423DA4AB51D91CF90BCFDB079
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F77A14E7F69D077F55309AF31B40C2A2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 094D3D4F65862B42FA5A1617A1CBA3D2
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0D22235879155D5C9DC904D7AC7EE770
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 1F8BA6464D6652517573E33AE7537F7C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C861C16D186B60F1862FCCC9C3049AC1
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 601B475BBDE2760FEBFACD1EBC53F7F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 60320451F0C7C006CA6FAC2EC5758A97
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 959A641457B48B779FF46FC7FAA9F131
Requests: 2 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/23684.js
Frame ID: 4ABAB6532730D1C580EA3A02AF962A15
Requests: 6 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/23684.js
Frame ID: DB0364A799E4C09F7152975148942031
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2CD70D9A1EA141CD89BD488C48E842C7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0AAA4FA5B850C6E65CDABA3C6D47E720
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 84AB02101E3FA27C20BF85F503EACE8A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: FF69D54DEDC3173658384FC91FEA3662
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 313FFD1FAE673534B59AAFDFFE5EBBD0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D96460440CC296FC25AB35992D59ABF6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: D6FE4ABF0DAE6100283D259FFAF306AD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D8C1B8D85141353B1F76F6A3D50BBB07
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 6E47E52C29B914F2B944AB45E8EDB94E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 184C1888C3FC77170F73AA294D66C92B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 398F24FB1379986FEA42291A2A72F178
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 566A153D9BFAD1C75E477E62948B901D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DCA8F34FE3A7A4BF51C836B41DDE4F81
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A5E5BD80D42849236D9753354C8207B5
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E4621DFF641B8FFF57E2119749264941
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 261B10BE320FD770FA01A4E70149DC25
Requests: 1 HTTP requests in this frame

Frame: https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: 784BCD1932D534256F6BCEDD4B10BAE8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: 832F1BFFE9E2A53CE05DDC27CE61E665
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: C03197DA6B18C42EEA2E04805C95C436
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: DA7C7599CAE22A6609999BCB77BB5A39
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 9A258F2E828BA47309C3B18E866A2A93
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: C4251028D8F95DBC3235DFF65D3F7532
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/129256/3290827/index.html
Frame ID: D9EFD65E9F128B390060F6303F031069
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: B3C7BCE36C9584BAC23C39C92187FB0D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
Frame ID: 0E58173AD17755BFD0EF11209F9961C0
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
Frame ID: 703CE9F13064279F49BA6DE26DEA9F7F
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11153&pub_id=2164665
Frame ID: 1079DBFD786D3313D661F862D8FB6F9C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
Frame ID: CB7966CD97F2BF57A48817D7D37A89D4
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A5A166C20FFBF62571829930A0DE5838
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: EBA2456E398B1DC6014AD2A51A1DD325
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D5D6A6A8515676E6CF4168F7946B2B19
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 83E7FF8960101467EE6E72BE8E004443
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E0B7E1BB5C64F3FAF6B64E0C94193DBB
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7A1C72524AD93729DEFDD7E88CFC1DC5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5D6B406E4BB22B9EF2F867E9BB0E38B9
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 41E9D638326C5C723AD34FAC57181D7F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 374D202ECEECCA8CEE77D4AF87977BDD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 0988D5C661347FFAD9FAF0757FE50A54
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AB2E6B329BCFA057BF7A88C2032B8B10
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8B0E8255941A8F152CDFA910D7A330CC
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EBF842623E692C0018E527C5FD167227
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2682900528594817661A781551CDADFD
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 812DEDB3FE896674142C8CDE519C8B48
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 7AF9CB73DE7079E3D582B6FC0A53FBAB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6399D15FA79739AFEB7ED4269A0E2752
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2DFEB190461152CAD4619045008E7627
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 768AFE3585C84BB68E166B4C376876EB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 7838BA779FB0DBDB3EE6D068B19D011C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5F160F119B71683B8B11B03D0345C26B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 88F4793015DD6EF0001CAC17D0E9136B
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 74D3485211C8D9BD829B3C07D2DFACD6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 18E3A0310C9399DEFE9B17B095D8CD5B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 129807D39545CA92F2DE2F232A915CD9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 72DDEC1B3C037885AB44B585AF0EA3E9
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E7215E4CDAB836731DE1E70A532788CB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 17BB8D2F9DA1E15D7290622B6683E5CC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3349032C876010D206B73BB33595545C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 8029BC4FBC118C9D792BFCCAE51C63F1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B66A500EB3C3C22F6CBDD27CA6BDB03D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A23E29FAA2B0A639D6D6B2FF66AD4B00
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5C970230F7C43B587ACAED78C9F92DB0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: F8468617C37BB2AA24408E496AF25FB6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3E3172BDA75E5D55164302CB5426C84E
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2035CFD636D4A3173D66672C30910E5D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C48051D055928064843D7575944D33B0
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E7C2EB90B5D7DACBCF4A568B9BE11E9E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5A09AC2AB139572DFC6A1341594E89FB
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3EFE3FB7BE034DA6F012ED25BF0B9311
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 0668A71CDBC71455DCC2AB527124F40F
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 84EA430711C326642C0288B2E8920137
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 3D32F79CF266BC65B7574444CE4179E6
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: F59767DA8E571590AE5D8F2F7318F8EA
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 699A823C31E1100A919448DADE9BBC97
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 7AE149ECADB044F891B2FDAF9544D905
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 1D9A460CD04ECDA5B5C7978BC3AECEEC
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 2415D4025F3EA66F64144882C7BB838D
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/js/adition.js
Frame ID: E4A3EA7317492E9F35CEA6CBFBE2D6E5
Requests: 5 HTTP requests in this frame

Frame: https://cdn.advanseads.com/content_server/1.0/adv_jstag_2.js
Frame ID: F51F561551EB0171EB2372D173A692EB
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 83CAD2FDFBC48F81D0DE1C3BCD988E96
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5A5EF5225668F14660C089DF82484F28
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 07FC97DE719B9A2E5B3840DF5C311E8A
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 87D9000F50B2FC0B8A2DD8D0B707665A
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: EFC84DA3D240098EEC2E012657DFDB0A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 395B83738A9345664ECB445B8D52DA78
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 97B068C23D113F84774118E8AFB6F59F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9FFE51E3A29F0F8D57273664DD0C618C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BC31C3499D9374FC05CE9E80611670AE
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 55E80F3993E9B3FC389723B5D8ABE2D1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AE670FEEF04CD940D574A18F46B63A3C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1C233051DC97AB252155A93C62FF9EC1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B7EB97D6F9DF71D42CFA403181AD628B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8E6D4F1E7A6E6B665C3D1784B81C783A
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2419;prcl=s
Frame ID: 37B914ABA719CA443D69F59DAE48D878
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 03324D3B5F85B421AE55C544D3302BD8
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DBD3F83138E05E06A42BA1C88B35B772
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 16F66D4D49FB0D8D2B9FF0FD6B4A441C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0385C064B970D175A73B239621FF2854
Requests: 2 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/02/b8/18/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654649941363469%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885600%2526kid%253D5572862%2526bid%253D16955416%2526c%253D64632%2526keyword%253DPACS%25255F4787253%25255F17071378%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 63937C1304AC37FDC4C79A8B68937FF7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4086B759AE84E5F855477BE75E1DE10D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 301F1C35C1EDEBE4A88EA0DB5C715368
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1849230996232346937/index.html
Frame ID: 22351D293B5C1F6A3038896CCB2EA662
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 69B7339077FA8B504A9067D720918ECC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 103E5F8C995C7C577965C203ACFBDCB5
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 1963C304138B2E4B70614814460AAADF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D0A41475A4F0A1C3F21909DDFE77CFDA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B8FD04D2EABFF9D6F2D819605A690A91
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12888370925857180031/index.html
Frame ID: 9442F1E546B6DFB4A8E0008E66CAD860
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F81CCD941805202558EECFB0A65CF4AE
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8B307118EAE342439E2AC9E8160F64BC
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 507FF2AB3002D2AB9E4BC498CF677255
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A4F52343558C04A2EEE80E5C5FBDEA59
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1A529F08070720AB0F750EDBE8B91F02
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D995A7D83A40F3987FC2540B3D1A63A0
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E9D0926AE95CBA81ADA6276C3F32A4AC
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5809D497395EC8D81D6AC243ED84F556
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5F0B26C782FB23E4772CA8ECF43889C5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 216D68A644C7E11C590DF961353568A7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 073445E507FFAABA981B694A00B6775B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A1A0304A4332E13E732B69FEC0DD8444
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4FE9CA5ABEA6FD65B8DCD2B6794D7907
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 93661D095C220A7E3A595401F8E9D7FB
Requests: 2 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/02/b8/23/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654246685453%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955427%2526c%253D12559%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: ED3C84D47806D7405FEE75F3417D381A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E27E9EEE73CC2D0C82261EBBE917D0BF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E46A29140BDE57D9013D475D294514D
Requests: 1 HTTP requests in this frame

Frame: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Frame ID: 4067877B34463D75ACF3E1FDAA4C2E5B
Requests: 9 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/02/b8/22/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654252321549%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955426%2526c%253D27139%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 3DCE2D70E06430B6B6E3FE72A7FDF69D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: 68007FAD1E36E532B3A13A2FA50EE3AF
Requests: 2 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F9DC8CF273E641D5570F39398D8D4277
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: A2B380D1323AC0B165D63AA25B7B1B5D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: A59151AC443FBBEDCF4F5EB1DF111781
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Frame ID: 5B80C6FBB8D57F7B303873B6BCB197C9
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 637195F1637AAAEE32914F24336A9B5F
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: B8A628C653F205A542521D67D551920F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8874ED5CEE8940DDB1B8506056D965E5&gdpr=0&gdpr_consent=
Frame ID: 480AA0C9057B66FDC76C1DDBAE91E8D3
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Frame ID: 9DBB0D4B5B04868D95A6CE6588A9B3D7
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
Frame ID: 098FF87A0F9476B3064001D8CBA72FB1
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Frame ID: 8E57F169250788CB25332449F470EA0C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
Frame ID: 995B729A0FA9E2B2FDAEDB3212E2FC79
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Frame ID: 262E9C530A3A0C25EC29FF1DE0948213
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DE3A3787E8BB96FDFADB21DFC676608E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: B5E4103077C0F3D13489BE45C5686F50
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F45138CA1AF4A40DD54F645F77DE1B57
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9BC9716D8834753270BBB35BB17B0EBA
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17869387440646609525/index.html
Frame ID: 1F66ABF471D35AA693855E0A91C13800
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7E9A10C6C399FC8ED45012EF9BA613B2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DD41F6E0803AEB30ED6148503D0F0D0D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0F1F2BE29C4990F8E099E570434F59CF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: E3AD97ECCE866D3887718418008C257D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CF3FCCCD97FE120BA8FDDEC5D3829D10
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FCFEFA43D78FE4B2205BB3F5974A84EC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B40409DE09B973CE78662B8B08689902
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: A1D41D2D8FD9ADF318895E8EE1D4FF95
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: F4B04D9413A5D850F82B66129DD0890F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15430684408566409259/index.html
Frame ID: F4C73D23B3491F439CFF6076F41BAB4B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D13C8F244281E5C19617327CA446839B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A4585E3F2FD01C0DAB2C6F50E3B694D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: CC56362ABAEF4D16A65E47E9898FE176
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: C438227774F946D95F97E694EACED3D7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1CC5F0D0FBC3EB1C35901CE38C129CF7
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B01205FEFA0F7D88083E8CE4805B42AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: E327529E2629DB53BC72618C7233234C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9CD849F323C42F2147B71383B1607A20
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: B3FF8E7AE83C1DC97FD6CC698B8A5BDA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B74BFCC3509B72B9408BEA100622A8DF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 566A6C6C07029AEF32BE833F77F2A133
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D240657751B99E3A8750D0E73DCA61E8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Frame ID: ABF2089009C836944D6E49292EDE60BB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EB94385D9AFA702A4174ACA1C1A38687
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E477940B7B75E039492F0308B1A8FC46
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1A9FB0022B307F9CC0363E3A237FC1C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: D83F31CB8534586865CC8244B6D2A080
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 25DC2A939361112232468822797CCF3A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CCF5D923F745EDF2066F3AFD77B608E2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5ED3184751D44FE0CD917D37DF82C49B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 8D2314FA01C4D2CAD942A36F059959B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 70FB7509F8D3532520E560716077F0F7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=forward.com
Frame ID: BDCF27689CAA11C46A9E76AD6A56DF7C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=forward.com
Frame ID: 7A7177A1C19B61DF220934F29A50C2C4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 99D1ED8D1D8130A3823EEFCDE0AC0D5C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1C5BFE0AE5BD639F5A7D870F22D5AB21
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=forward.com
Frame ID: 56554D3EDF445E405DAC6F6098912699
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2E3DF94D24EC6934CC5E7085263A7B63
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Congressman-elect George Santos lied about grandparents fleeing anti-Jewish persecution during WWII – The Forwardlogo/forward/smallicon/f

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

2976
Requests

91 %
HTTPS

29 %
IPv6

131
Domains

218
Subdomains

152
IPs

16
Countries

48957 kB
Transfer

106578 kB
Size

173
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 707
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624184727703&gdpr=0&gdpr_consent=
Request Chain 711
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183941259&gdpr=0&gdpr_consent=
Request Chain 715
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 763
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 767
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 771
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 775
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvT1daa09URTBaVGN0TWpWaU9TMHpaR00zTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwNjE3ODcyMjUxMzcyNzUwNS82NjIyNDAxLzQ1NjIzMTIvMTMvZlVzdjM2WlhNYkVIQnoyNVAwbGxjYUNLQ2tVOGwwZjRMazNraHN5TFJqRS8xLzEzLzAvMC85NTY4MDMvMTM1ODg5MDg2MC8yMTY1MzYvNjUxODcxLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjA2MTc4NzIyNTEzNzI3NTA1L3pyaC8wLzE5NS80Ni85OTkvMzIyLzgwLjI1NS43LjAvMC4wMDAvMTY3MTg3NjQzOC8xNjcxODg5MDM4LzEzLzEwMjY0Lw/gfyWlIRp1g_0NYiiyeXRHlAcc1U&nodeid=3749&group=zrh&auctionid=606178722513727505&pbs_auctionid=606178722513727505&shardkey=606178722513727505&sid=4562312&cid=6622401&bp=a_aefiia&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.133.60&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=606178722513727505&node_id=3749&exch_id=13
Request Chain 788
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 872
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 960
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 973
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 991
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 1024
  • https://hal900010.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fforward.com&random=5930284631568&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900010.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fforward.com&random=5930284631568&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 1052
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 1065
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 1082
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 1083
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 1089
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5107433825725154417
Request Chain 1090
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Request Chain 1092
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Request Chain 1095
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5134455420373653959
Request Chain 1096
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Request Chain 1098
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Request Chain 1106
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5109685625407808779
Request Chain 1107
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Request Chain 1109
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Request Chain 1116
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322324289821878
Request Chain 1117
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Request Chain 1119
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Request Chain 1126
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5109685625407808780
Request Chain 1127
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Request Chain 1129
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Request Chain 1156
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 1157
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=dd11488c-7a2a-49a0-9cad-3c3ecd06ae98&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1198
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&501411426 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CPCI-IqBkvwCFdCw3godEbIHMA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&501411426
Request Chain 1204
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&522186882 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CJaJ-IqBkvwCFUFW4AodT3MKhw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&522186882
Request Chain 1210
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&271069520 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=COqK-IqBkvwCFUZo4Aod7csIfQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&271069520
Request Chain 1216
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&389088807 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CPuQ-IqBkvwCFY6SdwodtxQCdQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&389088807
Request Chain 1222
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&254077950 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CO6N-IqBkvwCFbjHuwgdo4ICvA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&254077950
Request Chain 1227
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=LAUsJnxiSE9ROSt5SHNLdVBUSmFwdHptTUhDZStqYkpZTklBQVhnaENuZmNXbkR0eGp5QVF0OHp0c3M5SnZFaGtWZUVoV1lReStEZ1NJNFZuSHU3bHcvNzQ2WEJySEpwNjBBdTIzMVNUdjZ4cXV0UnNYczBocHIxbDRObFl1YTlJaGtwSVA2YkRCVXp0eXk2R2ZSZWl4VmxYN21HRWdNeExCMVU1RUtyazdZM2dEb2wzaDVHSlZXOE1LOWRQMURBZlB2akZ3YUtBSHE1MXdGb0lubFhsenBBelJwdGMwb0RQU0FzMGtaL3pvOFA3bkJNPXw&cppv=2
Request Chain 1234
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&662363010 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CL-m-IqBkvwCFcDiuwgdasgFCg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&662363010
Request Chain 1244
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 1250
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 1256
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&648556498 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CNKI_IqBkvwCFaNN5QodeqQBiw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&648556498
Request Chain 1262
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 1298
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=a9SzZnxJUHVyT25UR0xtaTdnSHdSSWlqTThidU1hVVYwVEtPdGZiNkRxb0JCRWo2NDVnd204L1dGQ2R5bXlKb3RxbjRISkh4TGxzOXNKQXh6SGxlTS9wN29md2pEd0VLSW5aWlNnU0Y4NFFoakFsSVVybFNnbEdzNXlKc1RXNHNLRzZQczljTWRkUVh2aFJnVWs2czlMRitOS0tJQ3VlSE5lOU1nbWhCNUZVSzdlQkFDNkUxZ3pUTitvRWVBbUMwaTlGWmhhc1doUUY5dU0zMmlSaFd0c0JJdGdheGxEeWd5aWVBaUZTUldrZGx5RUF3PXw&cppv=2
Request Chain 1400
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685625407808780
Request Chain 1438
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Request Chain 1440
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Request Chain 1443
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Request Chain 1449
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Request Chain 1451
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Request Chain 1476
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=44963500034056600951421012183010&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
Request Chain 1478
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607
Request Chain 1488
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=j5keZXxqTHhQSW9SeVMzRDgwa2lrMFN0azRWTWh6SE5rREVCdkxMUy80ZjlIR2lIR2FObW1jTDRwdm52OFAyR2ZYTURpVkNjVy9hUm5RVzUrMm1QUXY4N3FPVi9Nd2YyOUo0TG1SSElZZFFpU0tkL0NSbGI1UmozckVDYzB3OWFTMWYxbWZKVld0NDRpemk4Um9QYXZpUmYyRUIrUUlnMjJnVjdNdGZnOHErWDFyQzRpVGxzUVM0TkY2dFhaRmtSbnJxUUlTdHhpMC9YZm03K09OOUcyK2FQSnpCSE9nY09yWnNOZDNPMWIzWmpCRUJFPXw&cppv=2
Request Chain 1493
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=M3jHYXxWa21DS1pjNGpyOU1kd21xNjNGcFJMcHgyRWQzbWVDSmUvYzF2VTcxbS9oQnRpZUU5Rm1QejUyQ2dISzBUazNKMm55cHNmM2gvRVdNWEl2QWhrMW4xM3ZxMHFqMUVIbnVvYkIwTjh2bER6SVVtc3JhRmtKZG5POVhLdkFILzY0ZURpMFV3T000emFzbjJRQ0JqcjJ1MGxZMXNCNUxpcFV4WmErT3AyQzRpOUwvWUlzbC8zbGxuVVFIeWNKS2xFTG5PR3dMR0JraFRZckd4NkhBRFpDenFaTWJMaUNyM0Y1UlBMRytNcXhkOEQ0PXw&cppv=2
Request Chain 1508
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=98018288-e3c9-4b5c-b598-18f5d6f31ff7&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1596
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ad.turn.com/r/cs?pid=21&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3396307127223499462
Request Chain 1653
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=dbcfc33f-ff91-424a-934b-38ba7bb6e679&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1825
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97cb63a6-cf57-4b00-93fc-283781cb1270&gdpr=0&gdpr_consent=
Request Chain 1826
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=89797467634599058 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 1828
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 1829
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6212074435349714829&gdpr=0&gdpr_consent=
Request Chain 1830
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fwsE4CpeULRkCwTifwBI53oMVOZkDwSwegvUrVEV HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 1831
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180654624183416986&gdpr=0&gdpr_consent=
Request Chain 1832
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=RYkEgvCERJBzmmKJkidp_FD_B2w HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 1833
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDdnRVN0hUWjhBQUNDYy1XMldPQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACvtU7HTZ8AACCc-W2WOA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACvtU7HTZ8AACCc-W2WOA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACvtU7HTZ8AACCc-W2WOA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1653069145252192142&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACvtU7HTZ8AACCc-W2WOA&gdpr=0&gdpr_consent=
Request Chain 1834
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y6bPWwAF2FDiKwAe HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6bPWwAF2FDiKwAe&gdpr=0&gdpr_consent=&_test=Y6bPWwAF2FDiKwAe HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 1835
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 1836
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 1838
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671876443223 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4582704781
Request Chain 1841
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e5cc4c2eac971790/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVjjWjXngjRTbTRa
Request Chain 1843
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKRdFKzxQsWHgzn0GJr1vw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 1846
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3789095054 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Request Chain 1847
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODhBNDVEMTQtQUNGMS00MkM1LTg3ODMtMzlGNDE4OUFGNUJG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 1848
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGHLRzYLHruTaEFtQX6nyfs&google_cver=1
Request Chain 1851
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7236359441748730540 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 1853
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-twMwyZRE2uX5QtA48D9OcQklpQZVbb8-~A&gdpr=0&gdpr_consent=
Request Chain 1854
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_4aace8a4-3ced-4d52-835f-59428ac9be0a&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 1857
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ec631b23-e914-4609-9fb3-645e9fe40f74&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1858
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3396307127223499462&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1859
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6212074435349714829 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 1860
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65&gdpr=0
Request Chain 1947
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 1949
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=e34ba96c-4dff-48ce-b3df-96cd9cd1994d&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1965
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&227609798 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CJPfxIyBkvwCFQGJdwodrgoC6A;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&227609798
Request Chain 1972
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&639069034 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=COPixYyBkvwCFdWyewodYzgCbg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&639069034
Request Chain 1984
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&971805000 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CI6vyoyBkvwCFdeuewodwpoIPg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&971805000
Request Chain 2097
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=0 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Request Chain 2167
  • https://ad2.adfarm1.adition.com/banner?sid=4003897&gdpr=0&gdpr_consent=&kid=5351030&bid=17041482&wpt=C&ts=[timestamp]&kw=PACS_4786773_17057692_pv HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 2168
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28097828.340101237;dc_trk_aid=532281391;dc_trk_cid=174379125;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28097828.340101237;dc_pre=COXXq42BkvwCFazjuwgdDcYEEQ;dc_trk_aid=532281391;dc_trk_cid=174379125;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 2171
  • https://ad4.adfarm1.adition.com/banner?sid=4786773&kid=5389952&bid=17057692&wpt=C&ts=1256456132&gdpr=0&gdpr_consent= HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 2178
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Request Chain 2179
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Request Chain 2181
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2182
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Request Chain 2184
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RYkEgvCERJBzmmKJkidp_FD_B2w
Request Chain 2187
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Request Chain 2189
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2191
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601247&external_user_id=0f9dbc53-35ba-4153-8459-b79d97bf2295
Request Chain 2193
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2d7cf11a-f2f3-4507-ab4d-0a168d870560&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 2194
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Request Chain 2197
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Request Chain 2198
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2201
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=298644c7-b1d6-4806-b869-1f6b22835d3d
Request Chain 2202
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 2203
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Request Chain 2208
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=nkh8gtcfmc1h
Request Chain 2209
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=03261727-0c90-4ff7-bb00-6d9b4be2bf30&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2210
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Request Chain 2211
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 2212
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2215
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Request Chain 2216
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2217
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
Request Chain 2218
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Request Chain 2219
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 2220
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b7dda92-8b9d-48c5-834d-e20f3faa1389-tuctaa054df
Request Chain 2231
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACvtU7HTZ8AACCc-W2WOA&expiration=1673086047&gdpr=0
Request Chain 2244
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Request Chain 2245
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2246
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Request Chain 2247
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2249
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=136f47f4-34a1-43ea-aa6f-3eca94e14e02
Request Chain 2250
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a7636e36-5869-4f9d-a2d8-78c5f4dcfb09&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 2253
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2254
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Request Chain 2256
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Request Chain 2257
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c4095d88-3eed-4fdc-8636-fc02d697815b&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 2259
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Request Chain 2265
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Request Chain 2266
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Request Chain 2270
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601247&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
Request Chain 2271
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2275
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Request Chain 2276
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2278
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2280
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2285
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=19e9bac6-7279-469a-c7d1881c
Request Chain 2286
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Request Chain 2287
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Request Chain 2288
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2290
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2291
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=53eeb8db-3785-4c2f-85cb-e96e8ceae46e
Request Chain 2292
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2294
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0b9f6ef8-1eba-f7b2-e9c126e0
Request Chain 2295
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Request Chain 2296
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2297
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2298
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Request Chain 2299
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=079b83fd-2f98-46f2-b869-5e77acad4d28&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 2301
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Request Chain 2305
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2306
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Request Chain 2307
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Request Chain 2308
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
Request Chain 2310
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=03261727-0c90-4ff7-bb00-6d9b4be2bf30&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2311
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Request Chain 2313
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Request Chain 2316
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bb2eca1b-cf4e-4e2f-85fc-0b411418b3d7
Request Chain 2317
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3a5db520-8ea6-4809-891c-cafac963261b&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 2318
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2319
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2320
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Request Chain 2338
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACvtU7HTZ8AACCc-W2WOA&expiration=1673086047&gdpr=0
Request Chain 2355
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?782325539&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsqwwysn%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:3f7b216e-2265-fe8c-d694-beffe1a4ac1c,c:xHUyYh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-xpsbj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:3677,mot:0,app:0,maw:0,fm:tqVxaMf+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.992712-61653181%7C1n11%7C1n12%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1n1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:3731,oid:c12ebf87-8372-11ed-814a-3612801afbf5,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?782325539
Request Chain 2357
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?34678416&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgsuhtufxa%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:83f3ab22-d8e3-dcc6-a856-f4ed86a77a42,c:xHUyZi,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-dbwj5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:3739,mot:0,app:0,maw:0,fm:tqVxaMu+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.992712-61653181%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1o1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:3779,oid:c1380e61-8372-11ed-9b5a-8eff2bde7aac,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?34678416
Request Chain 2368
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654649941363469;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CNGf5Y2BkvwCFamT_QcdrHQKwA;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654649941363469;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 2381
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Request Chain 2383
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Request Chain 2385
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 2386
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=42cda133-5d22-44e1-a0f2-c788baa8b708&ssp=index&expires=30&user_group=5&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2387
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
Request Chain 2392
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2394
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Request Chain 2396
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Request Chain 2398
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2401
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGePjeZ6fw-6SZkWLJ-mk0s&google_cver=1
Request Chain 2402
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxUzI5TEYtMU8tR1VWOQ==
Request Chain 2403
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AzC1aBkkTvS7yzV25ffwSg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AzC1aBkkTvS7yzV25ffwSg
Request Chain 2404
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1S29LF-1O-GUV9
Request Chain 2405
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XIA8qfQDQ-W4ueFUFpwK_Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XIA8qfQDQ-W4ueFUFpwK_Q
Request Chain 2406
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v0gFsmRPRMp7vFCLZAssYcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cajZFmVE2oKnn2UKIb5qBG5pVtYlYArHwdBhdA--~A
Request Chain 2407
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjQ5OTNmYTc2NDMyOGNiODY5YmM4YTdjNTdmZDJlNjAxYmZmMDJmYg
Request Chain 2411
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 2412
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Request Chain 2414
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Request Chain 2416
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Request Chain 2417
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
Request Chain 2427
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Request Chain 2428
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Request Chain 2429
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2430
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 2431
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 2436
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Request Chain 2438
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Request Chain 2439
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2440
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2441
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Request Chain 2446
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6b65e8f67c574f6783cc100621111b41&expiration=1674468447
Request Chain 2449
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=680c0b47-18d3-4815-8c9d-099fa02ba26d-tuctaa054df
Request Chain 2450
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Request Chain 2451
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Request Chain 2452
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2473
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?737021620&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Defljs%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:49e132d2-5ad6-58a6-64ce-f1e52a531ee1,c:xHUz6m,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-xpsbj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:4435,mot:0,app:0,maw:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11q21%7C11q22%7C11q23%7C11q24%7C11q25%7C11q26%7C11q27%7C11q28%7C11q29%7C11q2a%7C11q2b%7C11q2c%7C11q2d%7C11q2e%7C11q2f%7C11q2g%7C11q2h%7C11q2i%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4%7C11t1%7C11t2%7C11t3%7C11t4%7C11u1%7C11u2%7C11u3%7C11u4,idMap:1j1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:4493,oid:c122635a-8372-11ed-814a-3612801afbf5,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?737021620
Request Chain 2490
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Request Chain 2491
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2492
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2494
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Request Chain 2496
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2499
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Request Chain 2500
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Request Chain 2501
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Request Chain 2502
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2503
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2504
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2509
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Request Chain 2510
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Request Chain 2512
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RYkEgvCERJBzmmKJkidp_FD_B2w
Request Chain 2513
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Request Chain 2515
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2518
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 2519
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 2520
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Request Chain 2521
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Request Chain 2522
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2523
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2524
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=7d2a33d9-288a-4a0a-9f0d-22b46e993a01
Request Chain 2527
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?14052602&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dicavjgt%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:878338a6-51f7-9396-3e8a-3135cb5fa0a7,c:xHUza1,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-v4z95,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:4581,mot:0,app:0,maw:0,fm:tqVxaJD+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1*.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1h1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:4621,oid:c1245f21-8372-11ed-9df9-4e1e637a279d,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?14052602
Request Chain 2532
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?552641338&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dybwpafwce%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:861dc8b1-c04a-f2f7-814a-af5215a5f97b,c:xHUzaV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-6bd6bc5bb-rv4kk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:4632,mot:0,app:0,maw:0,fm:tqVxaJH+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1*.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1k1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:4673,oid:c125e576-8372-11ed-b89b-669aea6ba4c2,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?552641338
Request Chain 2534
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?816239869&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhxphinku%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:5ec149a1-d9d7-c260-9367-c9e16a931eca,c:xHUzbW,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-rp6bx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:4671,mot:0,app:0,maw:0,fm:tqVxaK4+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1*.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1l1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:4713,oid:c127459d-8372-11ed-a6c9-3e4ad5e74ae2,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?816239869
Request Chain 2536
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?540482748&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dajdxfouger%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:8536ba99-d871-e3dd-3aa1-3d35833fd27b,c:xHUzcM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-msbnc,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:4713,mot:0,app:0,maw:0,fm:tqVxaKf+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1*.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1m1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:4754,oid:c12b642a-8372-11ed-88d8-fe1e24b7a741,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?540482748
Request Chain 2558
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654246685453;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CIjpno6BkvwCFdqHdwod1wQODw;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654246685453;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 2569
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654252321549;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CJHwo46BkvwCFajzEQgd3qMHQQ;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654252321549;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 2585
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=nkh8gtcfmc1h HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 2586
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8874ED5CEE8940DDB1B8506056D965E5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 2588
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF HTTP 302
  • https://a.audrte.com/p
Request Chain 2589
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 2590
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&addseg=19,36,42
Request Chain 2591
  • https://pixel.onaudience.com/?partner=214&mapped=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 2594
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Request Chain 2595
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Request Chain 2599
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Request Chain 2600
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2602
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f6ffb3ed-04a2-46b3-a84d-d3dcf9a4c8e4&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 2603
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2604
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
Request Chain 2607
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 2608
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Request Chain 2609
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=e7d8f2df-e1d3-4cf3-a977-5b1cb182a8ae
Request Chain 2612
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3e802f9b-a34c-4e29-9cad-14b061c7e393&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 2613
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2614
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Request Chain 2616
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
Request Chain 2618
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=46589e70-2234-4472-9872-c934331612eb-tuctaa054e0
Request Chain 2620
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Request Chain 2621
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Request Chain 2623
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2624
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2626
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Request Chain 2627
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962848
Request Chain 2630
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF HTTP 302
  • https://a.audrte.com/p
Request Chain 2631
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 2632
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&addseg=19,36,42
Request Chain 2633
  • https://pixel.onaudience.com/?partner=214&mapped=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1b90a1569453975cc12b2b57c50aa752&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=7236359441748730540&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=e5cc4c2eac971790 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d65aec00-c6de-473e-7d58-4e7e5626a8cd&reqId=1e0fda63-c940-4001-580a-e08bd117d955&zcluid=e5cc4c2eac971790&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEF2GDsafLzPmU-3i4K3wCDU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d65aec00-c6de-473e-7d58-4e7e5626a8cd&reqId=1e0fda63-c940-4001-580a-e08bd117d955&zcluid=e5cc4c2eac971790&zdid=1332
Request Chain 2635
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=nkh8gtcfmc1h HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 2636
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8874ED5CEE8940DDB1B8506056D965E5&gdpr=0&gdpr_consent=
Request Chain 2640
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2642
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2644
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2645
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
Request Chain 2646
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9a2a2c1a-6050-413d-af08-52a04c33186b&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 2647
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=38afdc72-8e73-419f-a313-65aea544f78e-tuctaa054e0
Request Chain 2648
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Request Chain 2649
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1cfd1e29-b679-4f65-ae81-428bf0ff02c6
Request Chain 2650
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Y6bPWOa4eXFjFoTtryyD1wAA%261203&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1f6fe6b22613c7e96f59d2f6bc7ad194&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v1b0b_7180654671408516694&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWY2ZmU2YjIyNjEzYzdlOTZmNTlkMmY2YmM3YWQxOTQ=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELl8Brf4ZlYIBIbRXnmb64c&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 2651
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962849
Request Chain 2653
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=1be00cb1-674a-4cf6-948e-636f87f6abb1&expires=2&ssp=index&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2654
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962848
Request Chain 2656
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Request Chain 2657
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3d42550d-1848-499d-8847-68f8339721d2
Request Chain 2659
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Request Chain 2660
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 2664
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=1be00cb1-674a-4cf6-948e-636f87f6abb1&expires=2&ssp=index&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2665
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2667
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 2669
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f7975c1d-85e7-4f49-8c0d-31493e25f7e3-tuctaa054e1
Request Chain 2838
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Request Chain 2841
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Request Chain 2883
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?951933410&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Domaxbbue%26e%3D1544311770728&adsafe_type=bed&adsafe_jsinfo=,id:bb628fd0-e3cd-3e42-b588-99d688830a1a,c:xHUzLi,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-hxntl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:1920,mot:0,app:0,maw:0,fm:tqVxc1A+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d121%7C1d13%7C1e11%7C1e121%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g12%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o14%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w12%7C1w13%7C1w2%7C1w3%7C1w41%7C1w5%7C1x11%7C1x12%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C11111%7C11112%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C11312%7C11313%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11512%7C11513%7C11611%7C11612%7C11613%7C11711%7C11712%7C11721%7C1173%7C1174%7C1175%7C1181*.992712-61653181%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c11%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d13%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g51%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11j2%7C11j3%7C11j4%7C11j5%7C11k1%7C11k2%7C11k3%7C11k4%7C11k5%7C11l1%7C11l2%7C11l3%7C11l4%7C11l5%7C11m11%7C11m2%7C11m3%7C11m4%7C11m5%7C11n1%7C11n2%7C11n3%7C11n4%7C11n5%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p21%7C11p22%7C11p3%7C11p4%7C11q1%7C11q21%7C11q22%7C11q3%7C11q4%7C11r1%7C11r21%7C11r22%7C11r23%7C11r24%7C11r3%7C11r4%7C11s1%7C11s21%7C11s22%7C11s23%7C11s24%7C11s3%7C11s4,idMap:1181*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:1975,oid:c32deab3-8372-11ed-ac96-4243253bf195,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?951933410
Request Chain 2885
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?420702640&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Drnekscbjcg%26e%3D1544311770728&adsafe_type=bed&adsafe_jsinfo=,id:640b3095-1b70-3b54-bf53-55c386d31584,c:xHUzMp,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-rzzwj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:1991,mot:0,app:0,maw:0,fm:tqVxc1D+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d121%7C1d13%7C1e11%7C1e121%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g12%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o14%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w12%7C1w13%7C1w2%7C1w3%7C1w41%7C1w5%7C1x11%7C1x12%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C11111%7C11112%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C11312%7C11313%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11512%7C11513%7C11611%7C11612%7C11613%7C11711%7C11712%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11813%7C11821%7C1183%7C1184%7C1185%7C1191*.992712-61653181%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c11%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d13%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g51%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11j2%7C11j3%7C11j4%7C11j5%7C11k1%7C11k2%7C11k3%7C11k4%7C11k5%7C11l1%7C11l2%7C11l3%7C11l4%7C11l5%7C11m11%7C11m2%7C11m3%7C11m4%7C11m5%7C11n1%7C11n2%7C11n3%7C11n4%7C11n5%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p21%7C11p22%7C11p3%7C11p4%7C11q1%7C11q21%7C11q22%7C11q3%7C11q4%7C11r1%7C11r21%7C11r22%7C11r23%7C11r24%7C11r3%7C11r4%7C11s1%7C11s21%7C11s22%7C11s23%7C11s24%7C11s3%7C11s4,idMap:1191*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:2041,oid:c33082db-8372-11ed-bd2e-1a9314e2227e,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?420702640
Request Chain 2892
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?618329399&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dppqndwhs%26e%3D1544311770728&adsafe_type=bed&adsafe_jsinfo=,id:94697281-4f1d-8bd9-5415-adfe7a986903,c:xHUzNC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-h2jwz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:t1,mtim:2032,mot:0,app:0,maw:0,fm:tqVxc2e+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d121%7C1d13%7C1e11%7C1e121%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g12%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o14%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w12%7C1w13%7C1w2%7C1w3%7C1w41%7C1w5%7C1x11%7C1x12%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C11111%7C11112%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C11312%7C11313%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11512%7C11513%7C11611%7C11612%7C11613%7C11711%7C11712%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11813%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11913%7C11921%7C1193%7C1194%7C1195%7C11a1*.992712-61653181%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c11%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d13%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g51%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11j2%7C11j3%7C11j4%7C11j5%7C11k1%7C11k2%7C11k3%7C11k4%7C11k5%7C11l1%7C11l2%7C11l3%7C11l4%7C11l5%7C11m11%7C11m2%7C11m3%7C11m4%7C11m5%7C11n1%7C11n2%7C11n3%7C11n4%7C11n5%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p21%7C11p22%7C11p3%7C11p4%7C11q1%7C11q21%7C11q22%7C11q3%7C11q4%7C11r1%7C11r21%7C11r22%7C11r23%7C11r24%7C11r3%7C11r4%7C11s1%7C11s21%7C11s22%7C11s23%7C11s24%7C11s3%7C11s4,idMap:11a1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:2079,oid:c33bf400-8372-11ed-ba25-127e873677c9,v:19.8.377,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?618329399

2976 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forward.com/news/529130/george-santos-jewish-lie-genealogy-records/ 		98 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
e14d2d26caa892f6d30c14d72cef32a34fbb73fe7795e7190b05954777e1d4ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77e8875d0e099013-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://forward.com/wp-json/>; rel="https://api.w.org/" <https://forward.com/wp-json/wp/v2/posts/529130>; rel="alternate"; type="application/json" <https://forward.com/?p=529130>; rel=shortlink
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=63072000; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 7
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
forward.com/wp-content/cache/autoptimize/css/ 		165 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a6c0e6f625f8cc2e99b29ed011b52f9feed8db64e620a0c306c816ed9c76a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Dec 2022 20:36:21 GMT
server
cloudflare
age
134101
etag
W/"63a4bfc5-295db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8875e984e9013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ForwardFrankruhl-Bold.otf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		124 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/ForwardFrankruhl-Bold.otf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66fc72eaf36d6786e8420d236ec4782b2fdffe8d95c182c923b2518d326728f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:16 GMT
server
cloudflare
age
227879
etag
"6350ec24-1f1b4"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea8509013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
127412
ForwardFrankruhl-Medium.otf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		107 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/ForwardFrankruhl-Medium.otf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f833869584b753cd1922c03fa66917867d483ba55ca1d409610b5cb4a524e2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:16 GMT
server
cloudflare
age
227879
etag
"6350ec24-1ac54"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea8519013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109652
ForwardFrankruhlHeavy.otf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		121 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/ForwardFrankruhlHeavy.otf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f265610ea9312f96db83689184e186fc7b0cd517717ff095e0b33d4c0bdc48a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:17 GMT
server
cloudflare
age
227879
etag
"6350ec25-1e5d8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea8569013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
124376
Merriweather-Black.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		138 KB
139 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/Merriweather-Black.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f194f4b5feb160e249d2ca0f6165f8aada18ef3326ee3690e858b5a39e678ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:17 GMT
server
cloudflare
age
227879
etag
"6350ec25-22984"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea8579013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
141700
Merriweather-BlackItalic.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		139 KB
140 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/Merriweather-BlackItalic.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0e3b15b0667c8e7eca1ee84d3a4b1d9791b47abe3b28d06e678a8c15a91482
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:18 GMT
server
cloudflare
age
227879
etag
"6350ec26-22d1c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea8589013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
142620
Merriweather-Bold.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		139 KB
139 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/Merriweather-Bold.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c043c7e4e31bef13751f8c14a55b6cd731130501eb726cdf87354da8c4c3c46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:19 GMT
server
cloudflare
age
227879
etag
"6350ec27-22ad8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea85a9013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
142040
Merriweather-BoldItalic.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		140 KB
141 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/Merriweather-BoldItalic.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
304c1457814164a84ce4f04301e754c6c0c152f31f0abb3d4dbb9f949efe0316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:19 GMT
server
cloudflare
age
227879
etag
"6350ec27-231d8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea85b9013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
143832
Merriweather-Italic.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		139 KB
140 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/Merriweather-Italic.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bb546c3a9911a0efc6cae0e507809148009786ef8289d3923ae503646e3037
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:20 GMT
server
cloudflare
age
227879
etag
"6350ec28-22d38"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea85c9013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
142648
Merriweather-Regular.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		146 KB
146 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/Merriweather-Regular.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06a2eb39176db59b9b7b0ddafee5748f4c032450c048ac99174a59f0b31997b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:21 GMT
server
cloudflare
age
227879
etag
"6350ec29-24680"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ea85d9013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
149120
MerriweatherSans-Bold.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/MerriweatherSans-Bold.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c95a60c2e3650d06b2dbd2a6ad63f1097261ab898372457a972c9837101665
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:21 GMT
server
cloudflare
age
227879
etag
"6350ec29-21ee0"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ed8a09013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138976
MerriweatherSans-BoldItalic.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/MerriweatherSans-BoldItalic.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
915ddf0d92c3226bb0483ca1e141997c3882f07ac34e63cb793d6894e51c8c2f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:22 GMT
server
cloudflare
age
227879
etag
"6350ec2a-1dab8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ed8a39013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121528
MerriweatherSans-ExtraBold.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/MerriweatherSans-ExtraBold.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
90836214b9a339527f209edaa258e33eccb7063ba6ddb24431e5074039abcf08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:22 GMT
server
cloudflare
age
227879
etag
"6350ec2a-21ec8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ed8a49013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138952
MerriweatherSans-ExtraBoldItalic.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/MerriweatherSans-ExtraBoldItalic.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d33dc41f3c1ccd072d47c46a33dfc161c4a13570974f3ff199e9fe91187b75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:22 GMT
server
cloudflare
age
227879
etag
"6350ec2a-1db00"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ed8a69013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121600
MerriweatherSans-Italic.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		118 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/MerriweatherSans-Italic.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5cf7d4cbeb21062cd313590d74dc1df48375abed732722c3126d7299507bb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:23 GMT
server
cloudflare
age
227879
etag
"6350ec2b-1d9c8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ed8a89013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121288
MerriweatherSans-Regular.ttf
forward.com/wp-content/themes/studio-simpatico/fonts/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/fonts/MerriweatherSans-Regular.ttf
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2eea8547a99b96cc16ded693a2d918e4a3b82adbfb41510a0ce39be6d287e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Origin
https://forward.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:35:24 GMT
server
cloudflare
age
227879
etag
"6350ec2c-21e34"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8875ed8a99013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138804
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-7290892-1
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a798799cacd8107f6a58f27d0f1fc4d2b3d3725df53d73300dba62978fbf0022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43585
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Dec 2022 10:07:13 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:e600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 00:43:34 GMT
content-encoding
gzip
via
1.1 6c38ff4c7648bbb26bea641498fdefb0.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
VIE50-P1
age
33820
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
GLUm6ZQOiIBizNLz6-jEPesLhbwyqSTN-5rfN6Pys6ojeTdKkRuJgQ==
expires
Sun, 25 Dec 2022 00:43:34 GMT
jquery.min.js
forward.com/wp-content/themes/studio-simpatico/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/js/jquery.min.js?ver=6.1.1
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:37:23 GMT
server
cloudflare
age
227666
etag
W/"6350eca3-15d94"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8875ed8ac9013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ad-block-detection.js
forward.com/wp-content/themes/studio-simpatico/js/piano/ 		600 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/js/piano/ad-block-detection.js?ver=6.1.1
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec73b4427631cd680c75c31ca108f172bde68cbd173b2ac7bb81a814f3455bdf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:37:24 GMT
server
cloudflare
age
227666
etag
W/"6350eca4-258"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8875ed8ad9013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.svg
forward.com/wp-content/themes/studio-simpatico/svgs/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/logo.svg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f192054fa50faa0120feef3389582a4ca82c77ed0922b8db821806e3f9b6a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:56:28 GMT
server
cloudflare
age
228295
etag
W/"6350f11c-245a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e88760792f6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Ludovicus-Thomas-Horta.png
forward.com/wp-content/uploads/2022/12/ 		560 KB
560 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/Ludovicus-Thomas-Horta.png
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f237279729ae7345c37af174d74f5c27f0e24713436e3b08f1e075fc28dd5f50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
228379
cf-polished
origFmt=png, origSize=627478
content-disposition
inline; filename="Ludovicus-Thomas-Horta.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
573320
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Dec 2022 18:41:26 GMT
server
cloudflare
etag
"63a201d6-99316"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8876079326993-FRA
email-decode.min.js
forward.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forward.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:20 GMT
server
cloudflare
etag
W/"63a1e484-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
77e8876038536993-FRA
expires
Mon, 26 Dec 2022 10:07:13 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2Cfetch&ver=6.1.1
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
content-encoding
br
last-modified
Wed, 30 Nov 2022 17:02:06 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/108.0.0
server-timing
cache-lax10675, PASS, fastly;desc="Edge time";dur=17
accept-ranges
bytes
content-length
94
init.js
forward.com/wp-content/themes/studio-simpatico/js/piano/ 		636 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/js/piano/init.js?ver=6.1.1
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df49d5772930e7dbbb66ddc2157f961f1d3ed1553504351d7a1ff0805333519
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:37:25 GMT
server
cloudflare
age
228249
etag
W/"6350eca5-27c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876069156993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
id.js
forward.com/wp-content/themes/studio-simpatico/js/piano/ 		355 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/js/piano/id.js?ver=3
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9643a3b0b41886b59bb134b79d37ab8e5b73dec3b767ccff4571be464d1e6a6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:37:24 GMT
server
cloudflare
age
228249
etag
W/"6350eca4-163"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876079256993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
iterable-newsletter.js
forward.com/wp-content/themes/studio-simpatico/js/piano/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/js/piano/iterable-newsletter.js?ver=3
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03f8486d8e755e298fd380f8c77b4903672c6b66732794c9750cc9d2a852337f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:37:25 GMT
server
cloudflare
age
228152
etag
W/"6350eca5-669"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e88760792a6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
blog-posts.js
forward.com/wp-content/themes/studio-simpatico/js/piano/ 		309 B
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/themes/studio-simpatico/js/piano/blog-posts.js?ver=6.1.1
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15330d7f1ea99d421119be1a83268cee81b6a4e668bc90cfbab214ba67a0adb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:37:24 GMT
server
cloudflare
age
228207
etag
W/"6350eca4-135"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e88760792c6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ad-grid-forward-com.js
console.adgrid.io/adgrid-build/ 		835 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e60384e9d3fd4f77f2d793048bd4a7b8c84f2e9d830cdb9d1d6738c57dfadfec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 06 Dec 2022 17:52:22 GMT
server
cloudflare
age
3292
cf-polished
origSize=855030
etag
W/"d0bf6-5ef2c774edccd-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieD5gyaJOEy1nJj43HaQqK2%2B3oDwJjGU%2BfVYmScjptRnZwjaYC0bp5LdBzj9P1dahaKo0tQ7S5uKUeMKl8b6VEaW%2Fe288CwMRZV6PN0Y%2FMygtCrrYZh6WJAE62X%2Bu%2FMQVWlmpUgSqmrsKnusHfhZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
77e887611db26958-FRA
autoptimize_a313dc052f9249fce86ccc0164e8de54.js
forward.com/wp-content/cache/autoptimize/js/ 		319 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-content/cache/autoptimize/js/autoptimize_a313dc052f9249fce86ccc0164e8de54.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b25245566c9f9e1107281e959bbd92b815e387e17abf44a402e86a06d2c93f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 15:49:12 GMT
server
cloudflare
age
228152
etag
W/"63877b78-4fcc8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876079356993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 09:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
990
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 24 Dec 2022 11:50:44 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M5T63K49VC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7290892-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1550edcb36c4ee65d4a649dff48ecc31cde47661b12ed377708d88a14330cae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78872
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Dec 2022 10:07:14 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:e600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:01:25 GMT
content-encoding
gzip
via
1.1 6c38ff4c7648bbb26bea641498fdefb0.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
VIE50-P1
age
32749
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
wrUiGgKJqDjiaHteKtScV9BXImPnSW5HIAmmrqr8r65EY-GdD5cG-w==
expires
Sun, 25 Dec 2022 01:01:25 GMT
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: forward.com
URL: https://forward.com/wp-content/themes/studio-simpatico/js/piano/ad-block-detection.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3c9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1HG3Y11AHE62FRG9
age
241
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
UUrHmTH3oEDiwlnSw8MvEQ8MQWBRLG/XBFkTBTuj3XaakI4I8/uDVMMF/MpZ4kWglYDm064RMos=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBze6kyd0pHaPdINgbIDVAPnr6GU%2BqRG87zEU8ATHZFI5f8D%2BK328vJb7ns9pCdiBsDp3m7MFneaZZ%2ByAnO7iAB%2BeWxV9qKLLi80MaIAsF1pYHe%2FZ35QVOg7aT2tMnofx%2F2su8Ap7aP4SiC%2F%2BhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
77e887611b67698b-FRA
bnnwco9u6z
www.clarity.ms/tag/ 		675 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/bnnwco9u6z?ref=wordpress
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2924ecb4d72ca87942b467394327cf343a66e6f0fe0ecdc917f634793bff7d71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 24 Dec 2022 10:07:14 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0Us+mYwAAAACLMyGumFaMT5BiDUOVHCGVRlJBMzFFREdFMDMwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
gtm.js
www.googletagmanager.com/ 		138 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNVB65F
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23297e210b689a2e968aa93eb27e39e626eba612d284450e4089307c4741b16c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51246
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Dec 2022 10:07:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 24 Dec 2022 10:07:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
DaGisj+I/14eYmBANSof2U2KlTBqBAu3oTl+kH+pGWq4PJya7Qh/lyQi31Wb6oQXNaBtZXl+J4anzj0qLbhu4g==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
icon-search.svg
forward.com/wp-content/themes/studio-simpatico/svgs/ 		1 KB
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/icon-search.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9938123458a70098f31f64a2e12ffcb5eaf9c7ec46537976d16be592a55c5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:56:27 GMT
server
cloudflare
age
226830
etag
W/"6350f11b-521"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876089426993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
header-link-arrow.svg
forward.com/wp-content/themes/studio-simpatico/svgs/ 		880 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/header-link-arrow.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dafd03fc3c5f4d78da8d5b45ba093103633c762997966693a6dd3792350c7cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:56:28 GMT
server
cloudflare
age
226830
etag
W/"6350f11c-370"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876089536993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon-account.svg
forward.com/wp-content/themes/studio-simpatico/svgs/ 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/icon-account.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e336006701bb4371e98c9fd71e6e2e11ed929957259f2924d9d0153f2917e367
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:56:26 GMT
server
cloudflare
age
228296
etag
W/"6350f11a-21cf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876089596993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon-caret.svg
forward.com/wp-content/themes/studio-simpatico/svgs/ 		2 KB
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/icon-caret.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
037e3e95087d700b7eea3cddbc888d98ee0a88d1bedcc2a633cde21eabe53478
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:56:26 GMT
server
cloudflare
age
228295
etag
W/"6350f11a-609"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e88760895c6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
facebook-f.svg
forward.com/wp-content/themes/studio-simpatico/svgs/fontawesome/brands/ 		401 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/fontawesome/brands/facebook-f.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d1abe4957daebfc693a1f3cb4a41f9ea636b2360d28820c2411eb16a7f6f3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:38:39 GMT
server
cloudflare
age
228295
etag
W/"6350ecef-191"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876089606993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twitter.svg
forward.com/wp-content/themes/studio-simpatico/svgs/fontawesome/brands/ 		1020 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/fontawesome/brands/twitter.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3476d2ae47cb252137ace1cfbe45a3950a6b8a070f3e160392317c9fc6d88f1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:39:33 GMT
server
cloudflare
age
228295
etag
W/"6350ed25-3fc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876089636993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
instagram.svg
forward.com/wp-content/themes/studio-simpatico/svgs/fontawesome/brands/ 		1 KB
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/fontawesome/brands/instagram.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c999c000349acfb1b1aa739036aae75a1d7fa48d09b9470a6e75687bf21c9326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:38:53 GMT
server
cloudflare
age
228295
etag
W/"6350ecfd-47f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876089666993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
youtube.svg
forward.com/wp-content/themes/studio-simpatico/svgs/fontawesome/brands/ 		699 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/fontawesome/brands/youtube.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
65a1cc21f58b4680197c3f9ee35746c0d6af4f7fbd10c8a8fd1c9ca3cd4ab1f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:39:46 GMT
server
cloudflare
age
228295
etag
W/"6350ed32-2bb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876089676993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Fatima-216x300.jpeg
forward.com/wp-content/uploads/2022/12/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/Fatima-216x300.jpeg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5600129790d854dac9837d1d49093553603f0cdd3195d2912bf73580d00e1ff5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
223900
cf-polished
origSize=22619, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21683
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 15:46:05 GMT
server
cloudflare
etag
"63a32a3d-585b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9c56993-FRA
fatima-santos-2-298x300.jpeg
forward.com/wp-content/uploads/2022/12/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/fatima-santos-2-298x300.jpeg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22b1baee958e14ad1c94fe2ae771ef2ed0ed4623017f4508a3238681377bc598
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
223901
cf-polished
origSize=18140, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17876
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 15:46:17 GMT
server
cloudflare
etag
"63a32a49-46dc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9c76993-FRA
GettyImages-1244905750-300x200.jpg
forward.com/wp-content/uploads/2022/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/GettyImages-1244905750-300x200.jpg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a49555ddf54c69b91b847abfbff3c566975861fb0c85262086ae5bd58a29cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
223901
cf-polished
origSize=18756, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15567
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Dec 2022 18:49:09 GMT
server
cloudflare
etag
"63a203a5-4944"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9cb6993-FRA
fatima-3-300x179.jpeg
forward.com/wp-content/uploads/2022/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/fatima-3-300x179.jpeg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
651bb544ca88b708c43787556a94c1544a5cf3aaf2752a1a79b45f910bbff975
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
223901
cf-polished
origSize=11627, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11255
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 15:46:35 GMT
server
cloudflare
etag
"63a32a5b-2d6b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9cd6993-FRA
promo-Ab-Cahan-Tote-1024x1024.jpg
forward.com/wp-content/uploads/2022/12/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/promo-Ab-Cahan-Tote-1024x1024.jpg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3926c68bf4eabad20fedb9cba2aa76a25a0deac96ed1439910474b5e1b91b367
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
226012
cf-polished
origSize=52314, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46833
cf-bgj
imgq:100,h2pri
last-modified
Thu, 01 Dec 2022 17:31:00 GMT
server
cloudflare
etag
"6388e4d4-cc5a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9ce6993-FRA
promo-Hipi-Premium-Pullover-Hoodie-1024x1024.jpg
forward.com/wp-content/uploads/2022/12/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/promo-Hipi-Premium-Pullover-Hoodie-1024x1024.jpg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a389d79fbd87e47da0e925153c41e9baf94a8c184d9b72d5ee29deb96809e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
228126
cf-polished
origSize=46146, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43430
cf-bgj
imgq:100,h2pri
last-modified
Thu, 01 Dec 2022 17:33:39 GMT
server
cloudflare
etag
"6388e573-b442"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9cf6993-FRA
promo-khanike-Mens-Premium-T-1024x1024.jpg
forward.com/wp-content/uploads/2022/12/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/promo-khanike-Mens-Premium-T-1024x1024.jpg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ec3af8cf61bf3c9ac95828e6df93c4387df862ad2649e938e376c74e617e84a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
223901
cf-polished
origSize=64003, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59259
cf-bgj
imgq:100,h2pri
last-modified
Thu, 01 Dec 2022 17:33:33 GMT
server
cloudflare
etag
"6388e56d-fa03"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9d46993-FRA
promo-The-Forverts-1897-Womens-Premium-Hoodie-1024x1024.jpg
forward.com/wp-content/uploads/2022/12/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/promo-The-Forverts-1897-Womens-Premium-Hoodie-1024x1024.jpg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff37806a2f1475eda3383f305c8aee3860320a07090fdc8034ded3ed90ab0cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
223901
cf-polished
origSize=44650, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42025
cf-bgj
imgq:100,h2pri
last-modified
Thu, 01 Dec 2022 17:33:36 GMT
server
cloudflare
etag
"6388e570-ae6a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9d56993-FRA
viewall.jpg
forward.com/wp-content/uploads/2022/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/12/viewall.jpg
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c28f33db12062afd94e4dc7ba9e520b3f40770e06e1744c850872714385897
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
226831
cf-polished
origSize=13854, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13846
cf-bgj
imgq:100,h2pri
last-modified
Tue, 06 Dec 2022 16:33:29 GMT
server
cloudflare
etag
"638f6ed9-361e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e88760b9d96993-FRA
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2095372866&t=pageview&_s=1&dl=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ul=en-us&de=UTF-8&dt=Congressman-elect%20George%20Santos%20lied%20about%20grandparents%20fleeing%20anti-Jewish%20persecution%20during%20WWII%20%E2%80%93%20The%20Forward&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=191687197&gjid=282444495&cid=550322770.1671876434&tid=UA-7290892-1&_gid=2105209662.1671876434&_r=1&gtm=2oubu0&z=218005246
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2095372866&t=pageview&_s=1&dl=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ul=en-us&de=UTF-8&dt=Congressman-elect%20George%20Santos%20lied%20about%20grandparents%20fleeing%20anti-Jewish%20persecution%20during%20WWII%20%E2%80%93%20The%20Forward&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1893774431&gjid=235514902&cid=550322770.1671876434&tid=UA-7290892-1&_gid=2105209662.1671876434&_r=1&_slc=1&cd1=Article&cg1=Article&cd2=Andrew%20Silverstein&cd3=20221221&cd4=Wednesday&cd5=News&cd6=off&cd7=News&cd8=Congress_Congressional%20Republicans_Holocaust_new%20york%20politics&cd12=Congress&cd13=529130&cd14=Jodi%20Rudoren&cd20=no&z=1909333960
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1138270999612182
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1138270999612182?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f050dd665b935a362dfaba1872588b13d4b1391f9f355252ad00a7d50097aee1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 24 Dec 2022 10:07:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ch9Khb9UCWmGTM4CS89h3XU2/4FeAAzTBMXn3q1g0oMcti3bdcHKZvq95ureyEt1LDyjyO+6OrzgtIoEaxBuWA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		211 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=forward.com&domain=forward.com&path=%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f841897bfa312ae67cb627afaf2bfe992fc91246cfa20e91abcd7b02ddcd40f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
1
date
Sat, 24 Dec 2022 10:07:14 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
3343
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
164
x-served-by
cache-fra-eddf8230117-FRA
x-timer
S1671876434.329363,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Thu, 22 Dec 2022 09:11:31 GMT
clarity.js
www.clarity.ms/eus2-f/s/0.7.1/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/bnnwco9u6z?ref=wordpress
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0R6WmYwAAAAAW3sIMRbDwRaj2B3mUDJnCRlJBMjMxMDUwNDE4MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d913c18f6c839e"
x-azure-ref
0Us+mYwAAAAA5D3hRhgm7T7Y5fQz1Qf9iRlJBMzFFREdFMDMwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-7290892-1&cid=550322770.1671876434&jid=191687197&gjid=282444495&_gid=2105209662.1671876434&_u=YEBAAUAAAAAAACAAI~&z=717300067
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-7290892-1&cid=550322770.1671876434&jid=1893774431&gjid=235514902&_gid=2105209662.1671876434&_u=YEDAAUABAAAAACAAI~&z=1115635065
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
344 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M5T63K49VC&gtm=2oebu0&_p=2095372866&_gaz=1&cid=550322770.1671876434&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671876434&sct=1&seg=0&dl=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&dt=Congressman-elect%20George%20Santos%20lied%20about%20grandparents%20fleeing%20anti-Jewish%20persecution%20during%20WWII%20%E2%80%93%20The%20Forward&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M5T63K49VC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M5T63K49VC&cid=550322770.1671876434&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M5T63K49VC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M5T63K49VC&cid=550322770.1671876434&gtm=2oebu0&aip=1&z=1688273045
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-7290892-1&cid=550322770.1671876434&jid=191687197&_u=YEBAAUAAAAAAACAAI~&z=1979645087
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-7290892-1&cid=550322770.1671876434&jid=191687197&_u=YEBAAUAAAAAAACAAI~&z=1979645087
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-7290892-1&cid=550322770.1671876434&jid=1893774431&_u=YEDAAUABAAAAACAAI~&z=537886169
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-7290892-1&cid=550322770.1671876434&jid=1893774431&_u=YEDAAUABAAAAACAAI~&z=537886169
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
n.clarity.ms/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:14 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
load
experience.piano.io/xbuilder/experience/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.piano.io/xbuilder/experience/load?aid=6Z1jcPLepu&v=9
Requested by
Host: forward.com
URL: https://forward.com/wp-content/themes/studio-simpatico/js/piano/init.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a54611f312c7b00cdb2d7820104c1b00737c014c968645b4cb5cac7035a16a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 24 Dec 2022 10:04:28 GMT
server
cloudflare
age
166
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
77e887645eec9bc5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
gvr9y5hazo
expires
Sat, 24 Dec 2022 10:37:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1430 / 597 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 10:07:14 GMT
admin-ajax.php
forward.com/wp-admin/ 		16 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forward.com/wp-admin/admin-ajax.php
Requested by
Host: forward.com
URL: https://forward.com/wp-content/themes/studio-simpatico/js/jquery.min.js?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-powered-by
WP Engine
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
77e88764282d6993-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
carousel-arrow-black.svg
forward.com/wp-content/themes/studio-simpatico/svgs/ 		1015 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/themes/studio-simpatico/svgs/carousel-arrow-black.svg
Requested by
Host: forward.com
URL: https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
685801d3c8b876ac74c45d86faa822ef6f16635330b2de83d0abe83f22586c38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/wp-content/cache/autoptimize/css/autoptimize_e2d5fc7a1aaf461f4b003ed91dbda76e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 06:38:16 GMT
server
cloudflare
age
226830
etag
W/"6350ecd8-3f7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876438556993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=forward.com&p=%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&u=GYQjvC9dCBaBoszMj&d=forward.com&g=53213&g0=News&g1=Andrew%20Silverstein&n=1&f=00001&c=0&x=0&m=0&y=6632&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&b=1283&t=C5fdHOBLMND2DThJgvDOhUQbJCDGV&V=139&i=Congressman-elect%20George%20Santos%20lied%20about%20grandparents%20fleeing%20anti-Jewish%20persecution%20during%20WWII%20&tz=0&sn=1&sv=Cjff33Dzb3_bD4hPW4ett-dBAuPhV&sd=1&im=067b0fff&_
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.154.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-154-34.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:14 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1138270999612182&ev=PageView&dl=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&rl=&if=false&ts=1671876434625&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671876434624.1001123629&it=1671876434158&coo=false&rqm=GET
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Dec 2022 10:07:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
wave-forward.js
widget.sellwild.com/wave/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sellwild.com/wave/wave-forward.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-66.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6e658a0ff113eabdc2f6394627f5d4365a5a1dc7a2fe160daec5dd598834015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 00:42:24 GMT
content-encoding
gzip
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Thu, 07 Jul 2022 19:42:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
33891
etag
W/"8ff92b9501c4bfeea573ef8a95acafff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1209600,public
x-amz-cf-id
g11gn_E26KOvluO2l1N5UbqGF9n8YVVFC-ljtLcpoXEBQtHOYXDttA==
tinypass.min.js
cdn.tinypass.com/api/ 		335 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.piano.io
URL: https://experience.piano.io/xbuilder/experience/load?aid=6Z1jcPLepu&v=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca98b281de5d8444eadf7c77b84ea6b5891ecf9e5bcdaa3fcdb77167772c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
x-amz-version-id
i6ZIz4PhQy7O8rs3JwaMtsFzcCg7a1SI
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
9DPTPA1DF6RSSYWY
age
5274
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
cKV1ZYAylq7NhyOTB8XmNlZKwbyJmoRJJVDxwIx1fkFoS28btbkMkdIqgn0QC6wAYECXXf0zGQw=
last-modified
Tue, 20 Dec 2022 10:29:48 GMT
server
cloudflare
etag
W/"1358ef6fb009e97cdadbff1cbf92700d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
77e8876538302bb5-FRA
expires
Sat, 24 Dec 2022 14:07:14 GMT
pubads_impl_2022120701.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 22:23:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132289
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Dec 2023 22:23:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		445 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2eec9839f427a77f6427a55e2c2f1d54b5a4620a8b30f53de1b1081f0505f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:14 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2022 14:05:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5959
Expires
Sat, 24 Dec 2022 11:07:15 GMT
execute
c2.piano.io/xbuilder/experience/ 		27 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b2570b62726b892e2c625b6dadab54e18885d34359c214e47fd78b26056854
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
474n8e636f
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
77e887668b669bc5-FRA
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:15 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2655364
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAKWd%2BKOmw3PTwoWIlxBY96XrXfMip7tQnDPGlRuDcAMJbmaN%2FaHzffCPyKR4m7YYXGJpGd3vvzEzKXxr4d2sVXxsCf%2FxQPjTFXO%2Fu0AJf3yq4Ez1vVGwAeGzDptWNaN2KKwOgTibn109AQI"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
77e8876728ab9bc2-FRA
/
hb.emxdgt.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1671876434961&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
exchange.postrelease.com/ 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1171430,1171417&ntv_pb_rid=53043f1ae88cef&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiTGVhZGVyYm9hcmRfMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzcyOCw5MF0sWzk3MCwyNTBdLFs3MjgsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiTGVhZGVyYm9hcmRfMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzcyOCw5MF0sWzk3MCwyNTBdLFs3MjgsMjUwXV19fX1dfQ==&ntv_dbr=eyJMZWFkZXJib2FyZF8xIjoxfQ==&ntv_url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.4.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-4-174.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
v2
e.serverbid.com/api/ 		16 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
adreq
ads.servenobid.com/ 		1 KB
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9111
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e1d40d61675b457b5d50a02d4c80bb2f2dc97598e705a97b6ba0390abb1d5e8

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		303 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23990&site_id=407070&zone_id=2282352&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=67c29617-0cc8-4ea4-aa34-a014c8de488e&l_pb_bid_id=1355505bd15bcad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2973304996656867
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4491e279d7458910fc3551a972e83788019fd683f735016276f38dfc88d82b1d

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
303
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		1 KB
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9167
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e1d40d61675b457b5d50a02d4c80bb2f2dc97598e705a97b6ba0390abb1d5e8

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		303 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23990&site_id=407070&zone_id=2282352&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=d1da612a-ef33-4f57-800b-e263de162761&l_pb_bid_id=170f343346cb764&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8883660425023956
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a9a0048cd62fa97d7b9953ec74f9fc77c1adde8f9eb28b34ba407a11863d553f

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
303
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
hb.emxdgt.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1671876434970&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
v2
e.serverbid.com/api/ 		16 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid
exchange.postrelease.com/ 		0
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1171430,1171417&ntv_pb_rid=24d9475c4daa209&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiTGVhZGVyYm9hcmRfMiIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzcyOCw5MF0sWzk3MCwyNTBdLFs3MjgsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiTGVhZGVyYm9hcmRfMiIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzcyOCw5MF0sWzk3MCwyNTBdLFs3MjgsMjUwXV19fX1dfQ==&ntv_dbr=eyJMZWFkZXJib2FyZF8xIjoxLCJMZWFkZXJib2FyZF8yIjoxfQ==&ntv_url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.4.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-4-174.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
hb.emxdgt.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1671876434973&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23990&site_id=407070&zone_id=2282352&size_id=15&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=eea8cf7f-8055-41a6-a87a-64e4b6242df0&l_pb_bid_id=304009a516c59ff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3851350180438333
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6cf4f203e1c0a307b44cfa36cf044bcd5097f5968048c22dd4c76d719429f6aa

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
284
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		1 KB
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9407
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e1d40d61675b457b5d50a02d4c80bb2f2dc97598e705a97b6ba0390abb1d5e8

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		16 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
adreq
ads.servenobid.com/ 		1 KB
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=4135
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e1d40d61675b457b5d50a02d4c80bb2f2dc97598e705a97b6ba0390abb1d5e8

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		16 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1671876434977&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
exchange.postrelease.com/ 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1171414&ntv_pb_rid=462dca842185194&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiTGFyZ2VfTVBVXzEiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsNjAwXSxbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJMZWFkZXJib2FyZF8xIjoxLCJMZWFkZXJib2FyZF8yIjoxLCJMYXJnZV9NUFVfMSI6MH0=&ntv_url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.4.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-4-174.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		304 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23990&site_id=407070&zone_id=2282352&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=6e2be198-05f7-43c1-8c02-75d2be52d1e8&l_pb_bid_id=494518f43ea4b53&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39649167687187625
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4e7f56bf38f55ce073cd15903e33ffb0db514a55a17ea705e9def802ade737dc

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
304
expires
Wed, 17 Sep 1975 21:32:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000870435497380&correlator=246356571167512&eid=31071094%2C31071150%2C31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=22253468549%3A22704151777%2Cwavefrontnetwork%2Cforward&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250&ifi=1&adks=2826849246&didk=2870492716&sfv=1-0-40&prev_scp=pos%3Dsuper_leaderboard%26tld%3Dforward.com%26TLD_POSITION%3Dforward.com_super_leaderboard_1%26fqdn%3Dforward.com%26refresh%3D0_forward.com%26refresh_count%3D0%26domId%3Dsuper_leaderboard_1%26FURL%3D%252Fnews%252F529130%252Fgeorge-santos-jewish-lie-genealogy-records%252F%26SURL%3D248b7f4f19a75076c26b76f83f4becc8c20283df%26INVIEW%3D1%26sttrackid%3D0xfpqgznkd%26GMAV%3D0_forward.com%26PAV%3D1_forward.com&eri=1&cust_params=device%3Ddesktop%26video%3Dno%26minute_rb%3D5SOV_7%26second_rb%3D5SOV_14%26referrer%3Dother&sc=1&cookie_enabled=1&abxe=1&dt=1671876435011&lmt=1671876435&dlt=1671876433663&idt=1281&adxs=436&adys=62&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=20&vis=1&psz=1600x86&msz=1600x46&fws=0&ohw=0&ga_vid=550322770.1671876434&ga_sid=1671876435&ga_hid=2095372866&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32415188f05aa5bbbd1e7a55ba8e480f62411c438026761975b18093ac961190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
google-lineitem-id
6039296123
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138394504908
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000870435497380&correlator=246356571167512&eid=31071094%2C31071150%2C31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=22253468549%3A22704151777%2Cwavefrontnetwork%2Cforward&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1220305291&didk=1971291615&sfv=1-0-40&ists=1&prev_scp=pos%3Doop%26tld%3Dforward.com%26TLD_POSITION%3Dforward.com_oop_1%26fqdn%3Dforward.com%26refresh%3D0_forward.com%26refresh_count%3D0%26domId%3Doop_1%26FURL%3D%252Fnews%252F529130%252Fgeorge-santos-jewish-lie-genealogy-records%252F%26SURL%3D248b7f4f19a75076c26b76f83f4becc8c20283df%26INVIEW%3D1%26sttrackid%3Dk15nez42tz%26GMAV%3D0_forward.com%26PAV%3D1_forward.com&eri=1&cust_params=device%3Ddesktop%26video%3Dno%26minute_rb%3D5SOV_7%26second_rb%3D5SOV_14%26referrer%3Dother&sc=1&cookie_enabled=1&abxe=1&dt=1671876435015&lmt=1671876435&dlt=1671876433663&idt=1281&adxs=0&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=550322770.1671876434&ga_sid=1671876435&ga_hid=2095372866&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d4bf6f31d4e4cfa95410af4827fcd551aef078c06b55561c51dd5dedf258479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3523
x-xss-protection
0
google-lineitem-id
6172271741
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138415316919
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
18ac39e9d44761ba375f80b3a5165cc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8542 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18ac39e9d44761ba375f80b3a5165cc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sun, 24 Dec 2023 10:07:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Georgia
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/wave/wave-forward.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
libcode3.js
ads.bidstreamserver.com/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/libcode3.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
6908729e3bc9522da94024c2a7a193637f65f8f60956898ba4eb7599c335b80a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:15 GMT
359
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/359?url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ref=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.69.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-69-139.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
154030c2348ebfb899f87c7c16fbe980d39819ea9cadc65c3538be5edb1da845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
listings-img-data-sm
cache.sellwild.com/ 		1 MB
966 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cache.sellwild.com/listings-img-data-sm
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/wave/wave-forward.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-114.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4cc1ba4170fa295560898913d75045515d049fdafca64839928fc937b5b12261

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:43:33 GMT
content-encoding
gzip
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
1423
x-cache
Hit from cloudfront
content-length
988099
last-modified
Sat, 24 Dec 2022 09:43:22 GMT
server
AmazonS3
etag
"f9625f454e727c406df629baea0e5195"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
tbf6zN8YxrQritK8mDfJcLcL0-dKbKQTJZnM-Tfu4hNncq7kyfEajw==
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:15 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J4BCM0NMW7VESW1N
Age
86667
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
jAwttEdR6tBa7CplkSZ1GA8/oXRADY6NiSPKhArBaUAW6wXjqFwvJh6dPnFeeKAycCiyE/goY/g=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAUd7lWq3A8zC6TunKzTB%2BB2UpfChbOhezIqgqaV1%2FtIoz9KUohaEOJDf7wf7IPOxOx1r%2FBpaZ3cCI9xloBz9ktFnAA5kjqDGGYUwstyjmmO%2BV2WIe9JM%2FCoAD30diJKJSSbjWH5D8okrnD%2B"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
77e88767ebb6bbc7-FRA
cx.js
cdn.cxense.com/ 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c81dcbfcda9318d5f8a090d0de11268066194a28159e3c058582022c60ef5b1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 05:42:00 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34695
Expires
Sat, 24 Dec 2022 11:07:15 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723bf6deb6a0e7ba3f6d8c3753f44df0d069ae7636b877c406ce9aabad727f08
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M344enrNgcS
pragma
no-cache
wn
prod-dash-10-0-95-135
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
no-cache, no-store, must-revalidate
cf-ray
77e887686ff768fd-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 5813 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c3a172c032d08eddf559425fe25707602a382f01ebdee4576fefce85c66184b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
77e88767dd402bb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sat, 24 Dec 2022 10:22:15 GMT
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-112-107
x-forwarded-https
on
x-request-id
M344enrrD75
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb02dc03b47316747ce2fd9973cff08af33fbacba4cbcd2e52d8ffed5cc1e7e9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M344enrS0iL
pragma
no-cache
wn
prod-dash-10-0-95-135
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.005
cache-control
no-cache, no-store, must-revalidate
cf-ray
77e887686ff868fd-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 5F6B 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b223bbd695f51b1e40ad55d494702d764f1d72d8b55966330a7ef014c8807140
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
77e88767dd3e2bb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sat, 24 Dec 2022 10:22:15 GMT
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-112-107
x-forwarded-https
on
x-request-id
M344enrK5Dm
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb02dc03b47316747ce2fd9973cff08af33fbacba4cbcd2e52d8ffed5cc1e7e9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M344enrpIZF
pragma
no-cache
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
77e887686ffa68fd-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 693B 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef0da0458870d583199f929a11331e91f1d88f494dd12ff6e7b7be26c447629
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
77e88767ed472bb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sat, 24 Dec 2022 10:22:15 GMT
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-92-20
x-forwarded-https
on
x-request-id
M344enrRUOj
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0184df5fdaf8ba525d57fb59e089e29eb1267110c718117a09412259facaa17
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M344enrkWrR
pragma
no-cache
wn
prod-dash-10-0-118-11
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
77e887686ffc68fd-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 975B 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769db196f325c323eb4a1a507382ee4ddae89990aab62957ba9085d5bcc02fe7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
77e88767ed552bb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sat, 24 Dec 2022 10:22:15 GMT
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-112-107
x-forwarded-https
on
x-request-id
M344enrtn8f
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dc65ef117197b9e3018530f2a4ceab0f79e1344f6c3f2be6057a795b1e5c42
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M344enrjaLk
pragma
no-cache
wn
prod-dash-10-0-118-11
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
77e887686ffd68fd-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 57C2 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6ded5eba95f1cffd9eff6104ef14ba3c988d57aeac98d27a51c9cef69fe50d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
77e88767fd662bb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sat, 24 Dec 2022 10:22:15 GMT
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-92-20
x-forwarded-https
on
x-request-id
M344enrnkw5
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3810014c412a8c445ae48f7d50f0eccc2db3b179550bd3252247ef58634bde8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M344enr4BgD
pragma
no-cache
wn
prod-dash-10-0-95-135
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.005
cache-control
no-cache, no-store, must-revalidate
cf-ray
77e887686ffe68fd-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 591F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8bbeed2716ad13e26da5da0ac69e98128aa6bc7386355fcc078a786476c1b77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
77e88767fd6c2bb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sat, 24 Dec 2022 10:22:15 GMT
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-141-155
x-forwarded-https
on
x-request-id
M344enrpMOX
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		586 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02cfe43391b946acde4fca884f7169586209b45ca8f4a8ceb5b6ea0540a9b0d7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M344enru0WW
pragma
no-cache
wn
prod-dash-10-0-95-209
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
no-cache, no-store, must-revalidate
cf-ray
77e88768680068fd-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame A1F5 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd07ce22026d06c7ed2eb1e4a0ed26b950954fe0acc8a2a85589ddf19cf3b511
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
77e88767fd7a2bb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sat, 24 Dec 2022 10:22:15 GMT
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-95-209
x-forwarded-https
on
x-request-id
M344enrkLQO
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=6Z1jcPLepu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0184d949e02ef4ec2ac89b102b3b13eb713bd98e204affa6275a40e187c214c3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M344enrb9TA
pragma
no-cache
wn
prod-dash-10-0-126-98
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
77e88768680168fd-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 0FE4 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b53dd39cd7cc110776cfaced521cb558faf24a7ee7664cdb388037f742d281a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
77e887680d872bb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 24 Dec 2022 10:07:15 GMT
expires
Sat, 24 Dec 2022 10:22:15 GMT
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-112-107
x-forwarded-https
on
x-request-id
M344enrPuwv
x-xss-protection
0
/
www.facebook.com/tr/ Frame 7AC6 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://forward.com
Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://forward.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:15 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
adgrid-crmc.js
console.adgrid.io/wp-content/uploads/crmc/library/ Frame 3559 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.adgrid.io/wp-content/uploads/crmc/library/adgrid-crmc.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d86448ecf96adca9ba3db580e2b5e2c58f2da912810d1ecda6a993afc2a9ef7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
360
cf-polished
origSize=23583
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 19:25:13 GMT
server
cloudflare
etag
W/"5c1f-5f083beaa7488-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqlQtAkdB8kHC4Vla97JdRWq%2Ft%2BJI5OH6yUsH%2BeBll%2Bup6l%2BVXQXSwwVjeeneNHI4tbmfU%2F7AtUQE1Rgj1pGP%2FvmtZpN7GXLLFDAy4q2qOKbVHTyqg4W73e2Uyr4U6L0fJD49D3oNjs9Vckb7f5l"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
77e887683ac36958-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept
truncated
/ Frame 3559 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
603fbddb25f32e654f70569a7f68c485d22fa56717f7a25b1770b0811dd52170

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
sp1.html
cdn.cxense.com/ Frame 09B4 		684 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
379
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:15 GMT
Expires
Tue, 03 Jan 2023 10:07:15 GMT
Last-Modified
Tue, 11 Jan 2022 07:21:04 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
4002.json
console.adgrid.io/wp-content/uploads/crmc/assets/769/ Frame 3559 		278 B
751 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://console.adgrid.io/wp-content/uploads/crmc/assets/769/4002.json
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/wp-content/uploads/crmc/library/adgrid-crmc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c39a36789ba27eb4ea25dc97a70f7200a8216009f8f88ad71c698a6c7de40af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 23 Dec 2022 18:12:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"116-5f082b90429e2"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLo7I%2FyHX98GT%2FBB2W63fXwbeOBBFz9Oo9nigSo5NLTEZI%2FBSZ3y0BpPkRWHdZEeK1lg%2FAnjQkJgQcHOT%2FhtpyitXZK62cAxjME0zCbJ4EU5jrkewHaRNEfMiwj9vKaHmASW6CgtV78Gqp3j6gXt"}],"group":"cf-nel","max_age":604800}
cf-ray
77e887690fa3995c-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept
view
securepubads.g.doubleclick.net/pcs/ Frame 7B55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDFeSoXQcSn0fKZuw61CjGK4qwGgmEjJafpzGRE-LceWs50HxDLMP7YFxpHm3uz8omq3CxxxV3ApMG_5xWDZUqQoR4DjjPr9TjL0uVZAvjns7ZdioCBSzUzEw2-YcVD7BOSBdGjhOYe7fu09H978nP1Y8rXmNRD-nLBp0JzI42zBhBzEEytaQz9nkALuR-yFKUL_AcyJlcb1afY-fX2LrJ-aNz8xOmJWPsu7QNS_UZZoLxGMAZ_x6izKnThrOvBZOutvXKl6_EILZx9cwYcQpBj3sCMus1DQrAOQypqroA3p9QnkaNZst1bvbT2MBfIpsO7CyYZ6AFGNn3r3hmCg&sai=AMfl-YQbk0DPf3s3Fo0QuD1M0krLiiDY3FWGGaR7GW6g2ky2562YLAmA37ns61cru6qjbCHHxx5kdVgoD6VuLiiC_VbNkt_DeNKtdSQrY7PXrrg11Pz9Ep8ni9zC9pPgkvcw0gvod8i5JPBY50osoFE3&sig=Cg0ArKJSzB6i7J_sMDksEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:15 GMT
t.js
flashnetic.com/ Frame 7B55 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
_w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding
br
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 17:55:55 GMT
last-modified
Fri, 11 Nov 2022 10:14:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
58281
etag
W/"57c945f3c1feba973398debac47b1341"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5d9ZDuhjF1-ogpB560IqgveCG0jYNvezmqCAH5dlWVGSAKgOv76kJQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7B55 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:15 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 5813 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4394
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 02:56:26 GMT
wn
prod-dash-10-0-88-32
server
cloudflare
etag
W/"27358-1671418586000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
77e887695cf79225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 5813 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
222182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnnajpMPMoUOBP0qHWzTkfolukAhffV170tPx7d9ifbJ5YinttqcEFU47u9rJFVQWLe%2FZ0WZyfjrMjiUGJroK6%2FnKwKf4js4PcN8R21HJvpPjpDMdg3%2BWy9UtTn%2FMalwUulU953PMD%2BU%2FYHFrZyegoUq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e887699886908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 5813 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1440917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTtmPONQVK9PrbFlm7dONCEYORGuWRlJn7eo7YPU65Sgtj5V%2Bmz1rHV0ZbQHdmYlVWcZvF9PgV%2BGBabi049EKL27y1bgYHDW74uS1YpjNBQl1RAHSQ2Ni4TQ%2BRWM%2Bp1rpWDMqa8Tbi66ZBIIDqPccg00"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769988b908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5813 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTAI%2BPFZJi6%2Bbl8qpXBCUw1sc7z7Bku%2BjzwHUrGtBP%2FGl%2B%2Ffbd5wBXZTx3IuhIrai2cipOlKNJgaFYVY4RPQlXV0ChgxktIu8HZbM%2FjcyRXem343xKZKxvSjQtN%2BypOkmaBoGp4vtobW%2BkrUZhPc9L65"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769988c908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5813 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
740717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUK1y2NYmKKr7baKTLkdU8vx16WWwtBsBtl65wdlpPZ0XG2clYEwiqbaTrJhxtMcDDkzJQpq4PXDLlUlk%2FZHUy8VEaYcGgH9LXfJQ0NuM%2BJUMAB8HF4sVZ8RrDk3xBDdHY9uBe9JyDQdu5HBRlHeO%2B3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769988e908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5813 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1001796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BpzDUx1XHHV9XEFzT%2BHpm5ijO32v0FmCJn1JZpLb9vUiMwzmngOLxViisAi13JpzkMPCHnfFwfAg7NecjDQ7HA5Ww%2BF70pX98vXtzLc2TDJ5j4NjcQXbn312PTqUzkvVf1AHrOkJ9i1Db7WqxnNPY6J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769988f908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5813 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3776287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BTgLxNQrgKm2jNicyLcH%2Fg3l9WFQxOpPQZnZ1BQsibiAbWgQXphgxTk7%2FPXIsQOu%2FopM3IUannPFPByA%2FW6WdZTKk%2BSOn8o5%2BLpLJ8AtYhinPWxeaygMErRNEDcqBBy5mWCTkEVzY4cA9AcNFGwLmJc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e887699890908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 5813 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1441273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPsinSei3VdHWVFQ3hD%2BCRARiWzraR5MInj8JbcPmQP3rgz9%2FN1bHb7XCcHMGJX0W9asTDVlBkfHsBgHkYn9zHx9glkO5iCBSGAJ%2FdtE9RJ4Mcwsvu2yywzGC8OYspiWkpVXXuvLS1NPgWSkdC2lqlt5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e887699891908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 5813 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g74srA2SFWCmnkTEibZddbMKHNt8EeSWZm02kAN%2B9P3M7W83VAGPBiySGFD%2FPHHwDg6QGkZnjUUqHP7AL0OR%2BuwLEqtXF23hJxy0c2preJb%2Fh%2BsvjR1uWlAdSJfdDs9LWhSCztMORMX5MqQHV4LGpAMR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8be908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 5813 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJbHlNtXJwEYGRX%2Frbm%2BMfhY6qqYP3Ayd8DXk52bWH29NOcmEkJZsn%2FDPPkFwoPKEi%2BSiCO9Hkf4658iRPK6DusM2lqKrSGCcFnKTuSt97uZSqEOGida5PjKXYSH%2BNL%2FgYlY3QjpVTTzVX3n8KvegoOc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8bb908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 5813 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRa%2BanY8uCZOXyXzcCMfjZdm4IRq7YVFuzofoKS9Nwg7tuxmEhPx6BNPrGyeGmKv9AZBooUqWSVX7r69wkSbdjYrnBxCfYtGrTzZjVh%2Bp19LJZYKxtUrlWCf%2BDg6wTAoU7Zeldscum0X1MhHUca9H8lL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e887699892908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 5813 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.83.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
689
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604111
x-optimized-by
_sam
cf-ray
77e887695d039225-FRA
expires
Sat, 31 Dec 2022 09:55:46 GMT
cx.js
cdn.cxense.com/ Frame 09B4 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::268b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b99a8be0c36ac7fb2303d06b4cd2c851c7e6a97a1c7788747f1112091f57e7a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 05:42:00 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34695
Expires
Sat, 24 Dec 2022 11:07:15 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 975B 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4394
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 02:56:26 GMT
wn
prod-dash-10-0-88-32
server
cloudflare
etag
W/"27358-1671418586000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
77e887695d019225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 975B 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
222182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nw9%2FaHTYXd0x8a9dYr3HNStd0GZLfSE69Mu%2Fp95fSDApb5DBy6Y%2BIB6U7whpCMLiExBSgLcYriwrUZNamEWfLluyNo6%2BrjKcqZLEt6TEJib36jRh7EqO1pqy3B6EGh4GAeiKHMh4EXNHJ3EBoOjgS8l5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8f0908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 975B 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1440917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvYzFZHhOloPymVotLDxZBb%2FbZcIkLLdoOuSyLfDK2G1Otn7uRzZMuD78oyPda8VvNx3vyYfMpAGRag3dYxUK7K4kMnm0h1G4ch7VJY00KBHMFoex14OFjwgm1QyWtSjGMGkaVbcz3rBzGFE%2FsOsYk%2BT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8f3908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 975B 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxTONTJp1FQmUA3j27LOU9vXVmY0pPK4THEZVTbaI5J7DU76qfVakfxxVPn2cqd1aRy566a3vZdYi6dLH%2BFPagBmbW1bXi0chHFX7JiRSILyWkgXBx4OFCyqIHg9CYclQmBzyBV%2Fpo3%2F%2FzBSP89GmXcS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8f5908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 975B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
740717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fF8E%2Fcjg1TGQ9%2BaUQqo83yCovz0Q7VfoT8kI0MITd9FksoC4DZPq9t2coyc6oH28jIMN716qTvVIJKS%2Fp4UOd4vGi2yqTQ8141mqdQ1A1Mr4%2FSIGa1IdHzBDv%2BITFw%2FExhbwXqs48bTzGPjYERCK%2F83"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8f8908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 975B 		825 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1001796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyc0CMQpYYsSF5ethLsheVfFG2FdoQdyarBdHFQfupTycEQiJyAgfhgvP3XJ7POBghDj7Ozo7IzwSxGkssY42BR5EnW56F4O0PHQKRWKb8ZN5P1rzXoOj3dnUWHQ3kuEUWd7CL9lJ%2F4wPjkaIqFc4cIc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8f9908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 975B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3776287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrAdy0n1eZJ2brLMO0MkodpRGh41DkZgE5mmIkR4WDZ9uPLIjzWQdlXkacROdq29ciDilE49%2BrAiVeq8RXoWlXoXzj5zezkMP9nXVxyx5Xf2N7jF1jP2fphF1PWBtkpjROixK6UlKaYCYhyfIyTljvSZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8fa908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 975B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1441273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBOO248uIknJJ%2BbVWfG3zblidaRQpuvpel0nKxJ3j4H9uCJm9MVswEUQgeBT%2B91bcgyuNlI1%2FRZGmf%2FNcQhzUa9MilKy0EZwrXAKXILX7tYNRTTq1nwx4x8i5%2BEiKRnINNv%2FR5do%2Fjy6amdW%2FZA5cPzk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8fd908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 975B 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64DpV3Ioosnqpo69Celg81bfQQe6l7GBtqUebvNPT3Gpnrt%2FbdQChbxceMQ%2BkYFrmQUobTBLXZ7qcWEirxrg%2FOR1%2FIos%2BQZtM6ca3MH98AMnIo%2F4GmA0bR7bjUClHP06mdGx7TvbmPJ44S7cy1YbTm0H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8ff908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 975B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftlCOtAAd3KC6U1tJTFyKeToMrnbWE41L2RgiFiRII%2BsHGEkkJ61V0FiFKLzS4WeUyacLhFnFufps9ebOIMLkdH5QZKYYVV5YjiV9IQY4gKTpEXJGa%2FWlTTyTF7kIAulaWUyjwZNAileUqmsj3g9OwmK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d901908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 975B 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV%2FtGqJh4n5vYwQKIh%2B9D759%2F2ECXUBn0yLXTZgjI%2FcjvZqA%2FwoOrEYlfSVLfkkhFY4fCR85zSuhY3VWBY41T49AkviLoDoUP47vQlWqI9nO1vBvioSE9qrIzwmP6bQ%2BLldAALI4WKhYL2QDGlc8EVyb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8c8908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 975B 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.83.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
689
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604111
x-optimized-by
_sam
cf-ray
77e887695cff9225-FRA
expires
Sat, 31 Dec 2022 09:55:46 GMT
close.svg
forward.com/workspace/res/img/piano/ Frame 975B 		1 KB
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/workspace/res/img/piano/close.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a074de5387c8670d9293d4807e914bc7a32c752ac5871e0b7b89ad5b5f395eac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 16:03:46 GMT
server
cloudflare
age
228152
etag
W/"62505ce2-5fb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876bee0e6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
newsletter-title@2x.png
forward.com/wp-content/uploads/2022/08/ Frame 975B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/08/newsletter-title@2x.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3893c2f4d9900890b109c242ab029b8f80a4fde21fbc1ca02166ff6adc873221
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
228152
cf-polished
origFmt=png, origSize=3838
content-disposition
inline; filename="newsletter-title@2x.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3594
cf-bgj
imgq:100,h2pri
last-modified
Mon, 08 Aug 2022 16:03:25 GMT
server
cloudflare
etag
"62f133cd-efe"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8876c5ed76993-FRA
mobile2x.png
forward.com/wp-content/uploads/2022/08/ Frame 975B 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/08/mobile2x.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91b8468071d3c97579311d89afd974eba95bd6e72a7d2467c2787d0add5a34e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
228205
cf-polished
origFmt=png, origSize=30806
content-disposition
inline; filename="mobile2x.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29314
cf-bgj
imgq:100,h2pri
last-modified
Mon, 08 Aug 2022 17:07:51 GMT
server
cloudflare
etag
"62f142e7-7856"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8876c5eda6993-FRA
css2
fonts.googleapis.com/ Frame 975B 		15 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTCZD3SCSDNW&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXAVX1G5WJZ7&iframeId=offer_f73797f3090d714688ed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
824223df4a2291ae00674ab03f8d1c7fabe88f06dc285e88bf9cbf63967d8ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:15 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 57C2 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4394
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 02:56:26 GMT
wn
prod-dash-10-0-88-32
server
cloudflare
etag
W/"27358-1671418586000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
77e887695d009225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 57C2 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
222182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzVeUtJY%2FUvELnODhyREJvHXLuSR18q4R7KGYvgo8HRFMkGNBBwsQe7HJBE1LnhhpkBWMYvg3C%2FYbT%2Bt3BQm9fq9iso9TvjoMyfoky3mynx3yB%2Fqre1fXF%2FATKLFq55Zx0Oqav1CKGlRdF%2Fdh0DaQ%2Fqi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8ca908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 57C2 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1440917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFP%2FO%2FtGoo1U4uerv6ru3lj8rW%2Fzkw%2FtlI57GlXnrw%2FsvThcg%2Bun5JR%2B53XsgL99qwslRmOqhwMtBPabx862AfKzMM3%2Fl4UrG6aY91JDHXwVR%2FXPe%2B07Kz67a8PLy6EMsSTjB2iD%2BmFVpGelL9O%2FCr43"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8cb908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 57C2 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk%2Fxt6mnae3oj6cz%2B6rptOf8pv4N6MTAB%2BVeuUyhPfXQYCZdPUdRcOJtvFsW4SYjNDQZSMsjw0XouxY7GjQZT5vK8URae5hby8I1bUQUuRYh7J5H1ICjSSmLgSpFp5fgDKFB55Tl5DraS3CYCx0FB6Fg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8cc908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 57C2 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
740717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Y0ZOoqqY59v1AaTZfjHmCVw4%2BACat5K1bW9Hx9y48yWpHV4RJWleSPtglDrAWfB5IjpUHKjMhBPzXb7xZeO7%2Bm8i1Og%2BlNCtoXMgvV4JbMqrrUd05nnspmBDFXEzJyFFoSdiLU9TsZFWNAPPNlAQ04J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8cd908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 57C2 		825 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1001796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FqY0jiEh6l4ioo19vcOpPNN4ikW6v0vMF4wvUJ%2FWZM3L6E%2FMKXRCh9ww%2BwaxXxmwaKDgZlOG9aXUT67cxpWv%2Bqrh0LZFiZ12pvkLZ4nkdvV%2Bgz1inFMQBon3vsiH1zii238ed6xxtAWXUCvJ4pQmlYY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8cf908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 57C2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3776287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovMjOekTQJRkuoNdWyU5NeHUqlBJryKwR6PPFSbpwdas0drCSAGiu8DjI3Ytuv8oPix9LG%2F6WJW9XekCPsjWDi59cL8sDvoWM3S6HbaEMYfkHpsZU6hZ66ifG9m2gy3%2F9U8jDvp%2F%2BcLgtwXwE5cl1HQx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d0908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 57C2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1441273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWpViKt1fIJoSM1ELKREVdWquQLEgYBE4HmUnE6vSAJaIcWX0IL%2Bt5fbWclrW2Cea721iGwtvhiBOc4P0nB1zMoDHN8W9mxYNd2XoBVq6b0rKoCB6yVMya61xXNelSDDzau0xLfUeQ46k2zYxA%2BQPbqL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d1908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 57C2 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3FbT3aUPxa2Yv%2FmUgNwfpLvdWO%2Fs%2FcECpvqLWLvmjO5Kne%2Bf0YNT93EIYwYOwL90n35p8gE19D3JG4ptY3XlAKFtntmpg4L22umlWsmbevhKxe9IN1CueJqhzYCE5quMBlrEE07HKoFf6PpawU9Mnhx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d2908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 57C2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fsy%2FvdHhSsH08MfSuSKhltT7fGG%2BwOhx67RxfBDoa06D1fMw2qg0IknQCRf%2FcUafoRdd12bNv2MirQ7pm8pRk2AqHCpQ%2BT8fv0GirCo89PfqzO%2FdSaTI3%2BTHPZKlFTEYWvrOQWrS8kKubA1md%2FbptnqB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d3908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 57C2 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIuMzLdRJTLyRNdHWoJbuaIqdsJ5JpW94Vtb7%2BPb%2BG5%2BStyjttRevcL%2F7bJGBBEUQ%2FDXcShWxfnQC%2FEYbMXCcEBwCsyxbSCDu3L52mo3GDh4tdRhiBeMS%2FBD25DNGC%2FFbInk8d2S5P%2FQkh6PBWucBm4G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d4908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 57C2 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.83.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
689
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604111
x-optimized-by
_sam
cf-ray
77e887695cfa9225-FRA
expires
Sat, 31 Dec 2022 09:55:46 GMT
close.svg
forward.com/workspace/res/img/piano/ Frame 57C2 		1 KB
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/workspace/res/img/piano/close.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a074de5387c8670d9293d4807e914bc7a32c752ac5871e0b7b89ad5b5f395eac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 16:03:46 GMT
server
cloudflare
age
228152
etag
W/"62505ce2-5fb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876bee0c6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
newsletter-title@2x.png
forward.com/wp-content/uploads/2022/08/ Frame 57C2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/wp-content/uploads/2022/08/newsletter-title@2x.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3893c2f4d9900890b109c242ab029b8f80a4fde21fbc1ca02166ff6adc873221
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
age
228152
cf-polished
origFmt=png, origSize=3838
content-disposition
inline; filename="newsletter-title@2x.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3594
cf-bgj
imgq:100,h2pri
last-modified
Mon, 08 Aug 2022 16:03:25 GMT
server
cloudflare
etag
"62f133cd-efe"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8876c6f0c6993-FRA
css2
fonts.googleapis.com/ Frame 57C2 		15 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTB6LZE25B0H&preload=1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX62K1XBY0XH&iframeId=offer_4c666372ab654245fdc1-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
824223df4a2291ae00674ab03f8d1c7fabe88f06dc285e88bf9cbf63967d8ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:15 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 5F6B 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4394
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 02:56:26 GMT
wn
prod-dash-10-0-88-32
server
cloudflare
etag
W/"27358-1671418586000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
77e887695cfc9225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 5F6B 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
222182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izJ7PqV%2BYUdJQPJaxo29ff3aHgemCCjrQQ9zw6PBOug7KBCFt4Fq9zUbNkWozokvGU%2FpaNI2tqDQwnBCxmQAU1tlT7Qpve%2BAOoydNueup9%2FwSiC2zFTph%2BO4JvVgrgOwRiE71CKCUa2tiHXWNbiYvOJi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d6908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 5F6B 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1440917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C64%2BqG9FVxKH8BYg3kJa4P%2F0GPSQb%2F9TcmtYpT1IM0a172RxNIlmQ9OjMMFtcAjIqMFl%2FZtxNrt%2BD2NrHKGRd6Py4%2BG7EH%2BVanvaAljmeJjsi4wLzZAV5qE9b2WHE1T27eMSUOUV%2B6Pfv%2FnQAjbtjO9e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d7908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5F6B 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9fPusfOWRU4y%2BPJ9cm3MDLsfBc656HVjPif%2BZWhPZtdMlr%2FznAu6Oo8k3jxOnECnW1YxN1NLEZE%2BitINRoQJyCRXg9yQciWSubuia52WAtMiXuxc4n15lK4nwjk2PKNojogJ%2FlO90HU5lGJ1qwRRwdl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d8908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5F6B 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
740717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FRFMss8vxuUzAMppWcgOlq9%2Fp%2F9iXe%2FN6vOoCX0akVlPNsrs3vH2h7cTmcNMxBXPcoWWCmrOZr%2FC%2FTHxRNJ9YucZ5rygFLX37PBU0cHuRL2HSjR7WGrSGpOYpuw3SglUeGijm8XGmSp%2Fw5uaBjNdHMn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d9908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5F6B 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1001796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zaoics3aJrqHwHPHQHiQmA7rm5bQN9qotB3QQ4friZLxgvGLHtVkUxZdF38YaWhLKaWisRvzkX88%2BMYkBtU3zjXLLqduO%2BloVgiBdG9p7%2FyOFP6Rbow%2F4m4WJP5OIw22U4ngrSiJrmrJaYX7fQOym093"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8da908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5F6B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3776287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPTAy0UIBNH8wxw23tVvoNEe4hzCHVyLNa6ibB5LHCofuhfQBa7y2Mh7B%2FgksmuApKv%2FonXnlxoncW10nqnEub1J84Lg67XtVzf4LvUpwLUmV2%2FurulwRpDQgsu%2F%2FXe3VhPn%2FyD5rD1FUDdYF9LJ%2F6x1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8dd908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 5F6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1441273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7L2x44d%2BGNIVSRMwtNqGHLjr1x%2B8ETKoReP7urtzY87UJw02uUtcp16eJ11zr%2FsOw%2BL3adhxoJV1t7lCGchgtZ5PnDkP7JoJCxM7rsSqJnL5AdTsEGvHaJoYvrJ5aGp0vU5lPcRTXMMk%2BPItd0Y1fRem"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8de908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 5F6B 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhakPDk4dJ5Q7elLTzr%2FPHMBhV%2BbjZBQO4fet6%2FgOxmpYYNQu4THVK9lvZhuwqk8czrelaTIN2eG0T14SLvusVWCkLdUxUN3WYqZ0oj754kylsU%2BOl%2BBvGA%2B8W8EbUtxEqlkuC0yDytLjJ3SAIEtFWUp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8e0908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 5F6B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owaqwBOmVIaEYN7%2Fe3U6VB5wxAgeWrl6gcKP0cYoigpwgP%2B4HQ1GQu%2Bujw1g3kxT2NL60fnCyp0nPb0apLum4iwPc2E6%2Fw7XmRRxI7kdSHpf0pNWGRZ6Ku9yh1yzpPp0vizypkz%2BefT6D2GTQqxHccWu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8e2908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 5F6B 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TV%2BkGllLaDaopVSvD0pAGyEqp0sgnv7XMbc1J6IPzzTsV5%2F04DLViII%2BlM8yfZpfm0CGeeKf4GG3pJo7X%2FrkSsaytuHqeAJHMci5U6Yiw4QVsr9yo0yqlSKkSqnwMryzzzjfue1T3IbvS8zQaaMe7b2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8e4908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 5F6B 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.83.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
689
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604111
x-optimized-by
_sam
cf-ray
77e887695d049225-FRA
expires
Sat, 31 Dec 2022 09:55:46 GMT
css2
fonts.googleapis.com/ Frame 5F6B 		15 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
824223df4a2291ae00674ab03f8d1c7fabe88f06dc285e88bf9cbf63967d8ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:15 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 591F 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4394
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 02:56:26 GMT
wn
prod-dash-10-0-88-32
server
cloudflare
etag
W/"27358-1671418586000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
77e887695d069225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 591F 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
222182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7sSES2deG3btBoMpiVl%2FAcBc1GGG8dsEYaHlRn6gYxmw2IS7gJrK6nQCIU6naPwNjN4XgjFP6GFW8S4EP1TwGM0K6GHuv5rtBEXo%2B24W3aZ5DFP96hM7x4bXPQ%2Fk4ZLK3CvbPy6mKoPvV8%2Fd6b4n3Qc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8ec908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 591F 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1440917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psEMMLYBGMElaxi24VTu3mj8AccWwEDBFBhyJrN57mVB5xRJkgDvo76CrkzM7tE6zzhbvSUGK29SmM8dUcYyF67KmENpGezbj8Yh5CCsW0%2F70NRx%2BIgxWs49N0PdUgd9rYZF%2Bh9z9fx6q5VKznp05bTq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8bf908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 591F 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ff4xIuSbiLDc5vf6xHvt0g22BOHonkpnH68oY3nL7kZJzQ7aPOYzQ29sdp9RliF58gJ6v9unGZb%2F4u337jybDXGK2VqybnvkAGvprmZUA9o8SKpdo533wLxHZqrjSwWJGSgrUFHxbfaqROO0ezFDDUCN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8c1908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 591F 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
740717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdmAcTAJj5Leh9YPlHxcy5ehGB6VFxjc6LXSf91cINnDm90%2FKj%2BrQD8jWK8OtZY2fDoNeJsb6vlSlda4iKlue7C8T8%2F5pEQFdVs9PRsojT8pZkJ9U57Bfcj67C%2FrNxOtrMddnQDXeYit6VgDBV2EFjyn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8c2908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 591F 		825 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1001796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGdRKXfkIQA6ej82G67AiZ3wSOz3Tbmn7GB6J9pdZRt6rdvDPAdvmX9jKe3MTlxCSesD6ybiAxqPHTEAfyahRHua73gvQlJrrVS5dky2Za2P%2FzC15SRwzlKxL5qnn0%2Fj5b0hF%2FOJwmkCh%2BBugz0SCCba"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8e8908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 591F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3776287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSuvcPdnWFqO7deaVIKpT%2BKzO4iHSMsb%2FvZ6ZQ%2Be6v3%2FUAy4d%2FimA60pS2d0PhNI5jC7kfLix3IUTVXaf%2FO%2BaXCnCFQZ%2F7zFMA5QZ26Duf9kfYw%2FDHbbpvCh4L2PqSDIsLhSzZ7ZxDo0qVDYJjAFADUc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769d8ed908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 591F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1441273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbNnz65vsaBDWqLg2YU1bXvFD6I1RzmQUQtN7M2bc2lIfPyQ3vx7wzyFx%2Fhg%2FnpqBbVg923UMbIyovacz7zDEttkAWFXxTeDVMTJiFAfl7rtuWeWVZhYb3zHoTakTpgKdBW8YEJgwwq%2FWDN1CCU28bUL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8c9908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 591F 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YHveblVhZ4oo%2BsWlbj4WslCYQ0%2BDXc4W4c0BQ1JM%2B5Q0ud8tVm1nymQgCUojxF1gjrZ%2BR7hqYgtwHCQIPY5WX%2BURW3a2W5wGjZ%2FItF6zter35PbTHGhVlbyoUvolkMEjqgWvdgciKSSijRNOyJyJn8P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8d5908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 591F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYBngR1fdmsy7cOkNDDrGNeuasj%2FhLPi6WF50AoEKyi4QaYwRJKDG35sASjjFWKEuEpeu9a8U8sZItbUbbsFKQy3iNvk64Wru9vx9zR3R7MSPziQaTT38lIBFDWwppiAK%2B21eKdTfGITMJ7PxhXgiFGC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8c4908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 591F 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPNKCRBBXnyw3kbAp8esratX7H7tLQPBSdlRLB9HNq74wrRgiIqrOx1ZpIC7CLJ353Yc9Lpab0UImaM6cK5ERNDHd1C5ShStybmliggoja09Zo29oZiLQwFNk0Oi1IuYl1u4ABTLsl1fBpagGuIUlW5z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e88769c8c6908b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 591F 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.83.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
689
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604111
x-optimized-by
_sam
cf-ray
77e887695d089225-FRA
expires
Sat, 31 Dec 2022 09:55:46 GMT
goicon.svg
forward.com/workspace/res/img/piano/ Frame 591F 		1 KB
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forward.com/workspace/res/img/piano/goicon.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cfcea10210369f9c234a9fe949f81aeea651fa31b5dc3d943546761ebe26548
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 16:03:45 GMT
server
cloudflare
age
228205
etag
W/"62505ce1-5e3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
77e8876bee0d6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ Frame 591F 		15 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTH78FC9Z68B&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f6d07c52e265886afaed-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
824223df4a2291ae00674ab03f8d1c7fabe88f06dc285e88bf9cbf63967d8ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:15 GMT
truncated
/ 		99 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
147897a5429f372c03abd636c79413174482cb69d760fdb9cab8c1e348bc7566

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10c4d41c2ad580fc3796bfd8ee4c3c31273dcfed7bc81ba14a364e5ff565d60d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		80 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5579983de47c243d359424517d81cef06952e32681a4a4f666f414672801a7b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		86 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1e861ccb47b8b7326e77d98d7b37a7ec169bfc5e412832777953bd79357e537

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		52 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d8bfd4ae9ceb691520a08941b1fa0f10ea75b94f64598169ba1253e41a75a2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		40 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8d4f98be15e150d917ac81bf374133cd6b8119f6e073a642d2169df07a64bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		52 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22f6eb51431d1d40bfcfae90e39a956f6073faafa35acd027f19f778b1d2f1e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		273 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6302411116dde7406af92a49bde4349a16a1f7bc9740653a0d425aa1baaaaea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
fastlane.json
fastlane.rubiconproject.com/a/api/ 		303 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23990&site_id=407070&zone_id=2282352&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=c09c34ec-985e-47e0-b550-b2a0e301a941&l_pb_bid_id=51ddb55c76f876b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23666560513414647
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41de6ac569baef5162818b95c7a1697af839b978f2634a98cea413f3b4792b89

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
303
expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
e.serverbid.com/api/ 		16 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
/
hb.emxdgt.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1671876435491&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
adreq
ads.servenobid.com/ 		1 KB
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10178
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e1d40d61675b457b5d50a02d4c80bb2f2dc97598e705a97b6ba0390abb1d5e8

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://forward.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
exchange.postrelease.com/ 		0
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1171430,1171417&ntv_pb_rid=5842e6c79a7c496&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiTGVhZGVyYm9hcmRfMyIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzcyOCw5MF0sWzk3MCwyNTBdLFs3MjgsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiTGVhZGVyYm9hcmRfMyIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzcyOCw5MF0sWzk3MCwyNTBdLFs3MjgsMjUwXV19fX1dfQ==&ntv_dbr=eyJMZWFkZXJib2FyZF8xIjoxLCJMZWFkZXJib2FyZF8yIjoxLCJMYXJnZV9NUFVfMSI6MCwiTGVhZGVyYm9hcmRfMyI6MX0=&ntv_url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.4.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-4-174.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000870435497380&correlator=246356571167512&eid=31071094%2C31071150%2C31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=22253468549%3A22704151777%2Cwavefrontnetwork%2Cforward&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=3247586821&didk=4175799521&sfv=1-0-40&prev_scp=pos%3DSmall_MPU%26tld%3Dforward.com%26TLD_POSITION%3Dforward.com_Small_MPU_1%26fqdn%3Dforward.com%26refresh%3D0_forward.com%26refresh_count%3D0%26domId%3DSmall_MPU_1%26FURL%3D%252Fnews%252F529130%252Fgeorge-santos-jewish-lie-genealogy-records%252F%26SURL%3D248b7f4f19a75076c26b76f83f4becc8c20283df%26INVIEW%3D1%26sttrackid%3Dgpxaau1z4tg%26GMAV%3D0_forward.com%26PAV%3D1_forward.com&eri=1&cust_params=device%3Ddesktop%26video%3Dno%26minute_rb%3D5SOV_7%26second_rb%3D5SOV_14%26referrer%3Dother&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876435503&lmt=1671876435&dlt=1671876433663&idt=1281&adxs=1170&adys=502&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=20&vis=1&psz=300x272&msz=300x250&fws=512&ohw=0&psts=ACgb8tukqPiVSApHe6faiLSUf5TOhf4O9TTysCXOqkIqEuU7RVE5MICh8Nik_tCH5FrvqfLxBsdoFhDTI8l6AYCajWH6gHrf%2CACgb8tvgUT2Nk00Spfb-EwnbxnUYSk_L8Nd1n58i5BtlkSOI83E0Rhw8eRC2upC99V6x2TfwLCEpB5wWk1lqXooS5oh2hZpu&ga_vid=550322770.1671876434&ga_sid=1671876435&ga_hid=2095372866&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
069f7251a0bf329fd4fcbabb30adad6bbe6b846bbef8a1884c02ed2e47804b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9297
x-xss-protection
0
google-lineitem-id
6039291317
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138394418723
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000870435497380&correlator=246356571167512&eid=31071094%2C31071150%2C31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=22253468549%3A22704151777%2Cwavefrontnetwork%2Cforward&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C728x250&ifi=4&adks=4184913046&didk=2364695470&sfv=1-0-40&prev_scp=pos%3DLeaderboard%26tld%3Dforward.com%26TLD_POSITION%3Dforward.com_Leaderboard_2%26fqdn%3Dforward.com%26refresh%3D0_forward.com%26refresh_count%3D0%26domId%3DLeaderboard_2%26FURL%3D%252Fnews%252F529130%252Fgeorge-santos-jewish-lie-genealogy-records%252F%26SURL%3D248b7f4f19a75076c26b76f83f4becc8c20283df%26INVIEW%3D1%26sttrackid%3D475ouu40e37%26GMAV%3D0_forward.com%26PAV%3D0_forward.com&eri=1&cust_params=device%3Ddesktop%26video%3Dno%26minute_rb%3D5SOV_7%26second_rb%3D5SOV_14%26referrer%3Dother&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876435514&lmt=1671876435&dlt=1671876433663&idt=1281&adxs=216&adys=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=20&vis=1&psz=930x54&msz=898x0&fws=4&ohw=930&psts=ACgb8tukqPiVSApHe6faiLSUf5TOhf4O9TTysCXOqkIqEuU7RVE5MICh8Nik_tCH5FrvqfLxBsdoFhDTI8l6AYCajWH6gHrf%2CACgb8tvgUT2Nk00Spfb-EwnbxnUYSk_L8Nd1n58i5BtlkSOI83E0Rhw8eRC2upC99V6x2TfwLCEpB5wWk1lqXooS5oh2hZpu&ga_vid=550322770.1671876434&ga_sid=1671876435&ga_hid=2095372866&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7ca23c932f9e4f39bb36188282dccdbc7985253318c858c03ad7387df7e1c60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9292
x-xss-protection
0
google-lineitem-id
6039296123
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138411031376
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000870435497380&correlator=246356571167512&eid=31071094%2C31071150%2C31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=22253468549%3A22704151777%2Cwavefrontnetwork%2Cforward&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C728x250&ifi=5&adks=812061133&didk=2364695471&sfv=1-0-40&prev_scp=pos%3DLeaderboard%26tld%3Dforward.com%26TLD_POSITION%3Dforward.com_Leaderboard_1%26fqdn%3Dforward.com%26refresh%3D0_forward.com%26refresh_count%3D0%26domId%3DLeaderboard_1%26FURL%3D%252Fnews%252F529130%252Fgeorge-santos-jewish-lie-genealogy-records%252F%26SURL%3D248b7f4f19a75076c26b76f83f4becc8c20283df%26INVIEW%3D1%26sttrackid%3Duj2im7sv3fi%26GMAV%3D0_forward.com%26PAV%3D0_forward.com&eri=1&cust_params=device%3Ddesktop%26video%3Dno%26minute_rb%3D5SOV_7%26second_rb%3D5SOV_14%26referrer%3Dother&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876435521&lmt=1671876435&dlt=1671876433663&idt=1281&adxs=216&adys=2168&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=20&vis=1&psz=930x54&msz=898x0&fws=4&ohw=930&psts=ACgb8tukqPiVSApHe6faiLSUf5TOhf4O9TTysCXOqkIqEuU7RVE5MICh8Nik_tCH5FrvqfLxBsdoFhDTI8l6AYCajWH6gHrf%2CACgb8tvgUT2Nk00Spfb-EwnbxnUYSk_L8Nd1n58i5BtlkSOI83E0Rhw8eRC2upC99V6x2TfwLCEpB5wWk1lqXooS5oh2hZpu&ga_vid=550322770.1671876434&ga_sid=1671876435&ga_hid=2095372866&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
210601fa7f23b55cfe3fd7aed95a91a8f4e45b1289149e17c043d4da2ecabcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9292
x-xss-protection
0
google-lineitem-id
6039296123
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138394504269
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000870435497380&correlator=246356571167512&eid=31071094%2C31071150%2C31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=22253468549%3A22704151777%2Cwavefrontnetwork%2Cforward&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=6&adks=2271814003&didk=403910954&sfv=1-0-40&prev_scp=pos%3DLarge_MPU%26tld%3Dforward.com%26TLD_POSITION%3Dforward.com_Large_MPU_1%26fqdn%3Dforward.com%26refresh%3D0_forward.com%26refresh_count%3D0%26domId%3DLarge_MPU_1%26FURL%3D%252Fnews%252F529130%252Fgeorge-santos-jewish-lie-genealogy-records%252F%26SURL%3D248b7f4f19a75076c26b76f83f4becc8c20283df%26INVIEW%3D1%26sttrackid%3D2wolycfi1bu%26GMAV%3D0_forward.com%26PAV%3D0_forward.com&eri=1&cust_params=device%3Ddesktop%26video%3Dno%26minute_rb%3D5SOV_7%26second_rb%3D5SOV_14%26referrer%3Dother&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876435539&lmt=1671876435&dlt=1671876433663&idt=1281&adxs=1170&adys=3802&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=20&vis=1&psz=300x272&msz=300x250&fws=512&ohw=0&psts=ACgb8tukqPiVSApHe6faiLSUf5TOhf4O9TTysCXOqkIqEuU7RVE5MICh8Nik_tCH5FrvqfLxBsdoFhDTI8l6AYCajWH6gHrf%2CACgb8tvgUT2Nk00Spfb-EwnbxnUYSk_L8Nd1n58i5BtlkSOI83E0Rhw8eRC2upC99V6x2TfwLCEpB5wWk1lqXooS5oh2hZpu&ga_vid=550322770.1671876434&ga_sid=1671876435&ga_hid=2095372866&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6770cedfac6bbdcda8cd765b365da271394136cd6a4c77c9ca6a7929ac51a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9305
x-xss-protection
0
google-lineitem-id
6039291317
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138394418720
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
n.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:16 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
p1.js
p1cluster.cxense.com/ Frame 09B4 		47 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4d0d165f5ba2960d75ebe0856f570af6dab7daf9c1bac577be13f97e2987989a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
last-modified
Fri, 24 Jun 2022 10:07:15 GMT
server
Jetty(9.4.28.v20200408)
etag
2okhdbo26awd21eai5w42x0c08
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Sun, 24 Dec 2023 10:07:15 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 693B 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4394
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 02:56:26 GMT
wn
prod-dash-10-0-88-32
server
cloudflare
etag
W/"27358-1671418586000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
77e8876b7f929225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 693B 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
222182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYs%2BTmact8ANvKmVwy4i0qPx%2Fxg2%2FyLNjpS6mGLWePkijxyWOzT63CNrDIFaUJWuX5TkyfXD1mO%2Fudnx1nCjN1xpCAlT1zUU3UdRZ8z8UM7INSYiJGQPFB856O98Hv6Ab51SHTVrgENKpZqC%2Bmr8uV9N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe4c9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 693B 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1440917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFUIXLIP82RzVC%2BDCRcwcbgAnO5HtChQnRW63Zxu7AQuLFe6w7zjZnyozBKAg1hlLRJKzjdJ4dT%2F%2FalZqWQh0sL7qc%2BZtBTk%2Fyuvlme78tJKQ6HDMOXESW5SXMXxoMcFWSVGys7lhQq1fl1x3536je6T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe499b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 693B 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwbHq4qZmb%2BOo4ofi%2BLCeDIXm%2B5DQAYQT8Q9WByHzpaPMd0Jpm9NchqakKszYtdxUcoSrs372Ac9aWiQhYaha2sNFi7dpelldSsP6Nqy%2FxRNKC9VVIziFtPe5JDqNoLjd5IPP0AWpB8XPOq%2BbpN45ta0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe4a9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 693B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
740717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUnBgz57jJJNhmYHiclv30U9YmMJ1afnRNsRj1wdHYVoUjCaWnC8Nc1Rk9cBxAIicRdRous7Z0mpQv8yEh1Ado%2BLirmhgTDDmiGuGqDWoU3pAsRD%2BDEj1AcZbfzJ797BmJt5NX77iJvFxI7Hs73fDBF2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe4d9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 693B 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1001796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2IsAJzw%2FT2yi9jwQYhl6hNfVXTxNQA0yJxRTshhqalQEzgScsaB2nH2Wy%2FXRAv538r1%2FwiXb5cSvnpVAHtietckHHHcuk%2FT15NEXwGC4s83Exo3TEte5vMiiEUKgA9psVXUP7et3jg8qWeJFQS3xqot"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe4f9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 693B 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3776287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6%2BTNP9WU5wL4tr%2F2BRfogVzbW59fq3t68qaCBXeS7ez5XeWceLsVOuzDA%2B41S89Cauj4j6uLq%2F2yJApyO3%2BQzI6vvTLrhLpG1R9Pi03OG4HcMMGf7frWMMXT5wdM8QD9jHhAGGKXig49i8%2FUmof9vAZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe2b9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 693B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1441273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCD%2B3ABpgM4wl3EAIqZJi7HH5WgxjbKAtXcvtmolJiTbN2yecW5f5OFpZyOassnhsB01BS6v5LZ8joDvAGSgUbWgThN7ZIs2XW0YW0bal79CydyrTrqm%2BXMUbILA6hQ%2FgLQLaassyXs9sXUChjMf5EWo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe349b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 693B 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ArMte2h4ITX0rja%2B62UlDrjQtRfApIlLqY8MQU%2ByYyvmprQc2pV0kTZTtPMmrNacA5CMEGxh%2FlN6vqpfqF%2B4770JtuD20Gcf%2BB58b4%2FyKYtAVv%2BsgV3DFVyt6HsLKraAhHFwOgNvc2MIASolkHgZHch"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe2d9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 693B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltdZKp1l9%2Fz%2F6w4BQpq4Jv717BHrSqv4ds2YyYurLaZX3BQ7LCcixanX7Cfst9Mw7mzYhjjLep3yE%2BfDB3zntBBLExF33gtyXIZBKFil1JMQTgNXjnlbNE5ZM7wdBYXyAYtAxKSOiwCqU83x714z2z4Z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe2a9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 693B 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfgqS2FYfAiEiMOuh0HlVxgDuQ5nfNeKEbaydnqSNAhhLnarF8k4K7sc5Z5rRTN4oYLuMKEXHdMIzm3bBGe71izzqeG1FhV61vgoznXgjb5RhYkYEx80ArfTajV30j68nFRJ9g0ImTqvQqZCLwk0Uh07"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe289b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 693B 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.83.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
689
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604111
x-optimized-by
_sam
cf-ray
77e8876b7f959225-FRA
expires
Sat, 31 Dec 2022 09:55:46 GMT
css2
fonts.googleapis.com/ Frame 693B 		15 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTJFG6TAHQXX&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_5907f1c6ace01720d9e3-1&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
824223df4a2291ae00674ab03f8d1c7fabe88f06dc285e88bf9cbf63967d8ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:15 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame A1F5 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4394
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 02:56:26 GMT
wn
prod-dash-10-0-88-32
server
cloudflare
etag
W/"27358-1671418586000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
77e8876b8fb99225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame A1F5 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
222182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUKPMWO1yBLZmwk%2BASD73yUij3pZ6yiVjP8Atd6Zfj65OsN4hP432CkXgt9BDa8iVnyYAnKxlWveo5xbkol3KUqMVXR8pmg0ecLahg4whdAiK3GauAC9du4XTM%2BnOmZv%2FzTTlziLODJuSrMu5iX3kl3A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe549b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame A1F5 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1440917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUF2Qs%2BMKBUM2TRWeSByjqjbakAFfZlQvD2U4ng7PZ0pjzYvDmE3OLaFJ9KSTmpGN6lcPGBWqZ%2FcVtl2SAn68RmgFr1uDCsj2t%2F%2B5%2BZNRvGCgUbX0RoboWpWE1J%2BOixHoWm1DJleTFOmuOlmGqKJ2c%2F9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe509b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A1F5 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVsTcDHdwfLiFiT76orL4BsO195TZ%2BXC8YS0LazG%2FT2%2FW410UHvlkivQAJnVHht3EBzz1gCm6EchQJzgtd7bHOZthdz4hW5n57jeuCNqsXdAMJvOfqVQfKkLst3GpQKrR3Dmuf1mq549RQa0%2F%2FLmHdhc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe569b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A1F5 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
740717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBqYqT5xCvQzRhVZdaoLC9YDraMT3ep5dGWQsgn7kIKV6I%2B5jlypKvCXAFFqlFIyZ%2FDlHAn%2F7jIiuz7N%2Beg1n5WpIIt8iPGNDVH4UVqBlebKJnPW958OLVpJLYuGr0%2Bl9imLkAh4ceVKg%2FyUgEyMJXMV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe589b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A1F5 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1001796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKDl59WgTB2wcol499RzfLHp%2BlZoIocle6FHAhGW%2BWlQiFt2VXcLzSe%2BqhUqZnIvQ4LabL%2BeIKlBEtOKlfC4KOZuVAlIAjQlclFE87Pg17hcfQAo2mIjabOIOeugk5Juge%2BahUj4QnfjvtNSPLrwEKbk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe5d9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A1F5 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3776287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w18pDSYYHemhaNu3sDM3XH%2B6b8TqYQbihZILla7s29Lv242o7S53UrNYPPChICYGMbo7aWmEbssEwSzcin%2FwK0VCn6bjLsV6asewDUYq%2FAHD%2BDnt6ZOFyzT6EEX9ZFjJTPqFOmYcz6Ms%2B5ggc17TlXa9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe5f9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame A1F5 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1441273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQmMM0wGKxXrCMPb36ydeY9LypYoexp4ZpzUBrw8keZLoqTvRzw3dNHS0jxCCcbbucZujCpeP%2Fb%2BXfPuOWnwtDCPUD9niEyhCx3GzBe7IVKT6yygigSC923U4YNKoQPgiSpMPQuzjoGOnNETRmmLPiU8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe609b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame A1F5 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8%2By2HMtdDvbEG0unVDyQpki47qJnXHiVxsH7daw0wVJ72KjI4NdH8kdK9EhjdqYyZyCBuJbVClXBT2D4e0MmEfXxeKbNnZ6bj9LDKTB5v5q0uIxayrhJ8HQSzrUv9gTanmsYwC7r3SAngntBJPjCgWH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe639b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame A1F5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYeASl5ZOZ0fb3ykX%2B1uxk72Md2NGKUs1TrmynmycCj0OWrC5DbuvInmZelcaU2Yfib6ydF29hdyvrHzYauFaj30RWXRhDqHnFlelDPkTnq8fygRjLwWNnJo80cJ9%2FGv%2BWi%2By8CTV0nQ%2Fv4l56UBSQeo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe379b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame A1F5 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ho%2FZpbeH9z82FNyH4aQ4iriAb0%2FXt5VqT%2F%2BmCkdpjXx9QPvBx4BrCEAoh1iNzQyGzhKw30VnXW2ZU2QTNxnauof6CehCK%2B28X1e0NK1LMSlwg5KbJ46xLklbedlUqP%2FqCZWTsyRkt3LjvdC3pHZ7uq8n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe389b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame A1F5 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.83.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
689
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604111
x-optimized-by
_sam
cf-ray
77e8876b8fbc9225-FRA
expires
Sat, 31 Dec 2022 09:55:46 GMT
css2
fonts.googleapis.com/ Frame A1F5 		15 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTMCHSY055P1&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_f98dd4fa2e454baae50d-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
824223df4a2291ae00674ab03f8d1c7fabe88f06dc285e88bf9cbf63967d8ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:15 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 0FE4 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4394
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 19 Dec 2022 02:56:26 GMT
wn
prod-dash-10-0-88-32
server
cloudflare
etag
W/"27358-1671418586000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
77e8876b9fce9225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 0FE4 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
222182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RxyBpI8hGyzrkx7HHwsD%2BHaB4OeNuT%2FYplK9G2hONppEFBfkX4v37XzuxByNQUuFRETCmbLJi8vQ6sZ416SswJUFtfJATKsBMNhtFKEZk5iT3NMIaGXQPoVHWh4Wx%2FwsQrtSGCkvBhG9DUijcDmHz8D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe3d9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 0FE4 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1440917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLwrF9njlwBnQFBX6kIhMzpZ4B4aFHGc5xEs0RxPMlOPTuxGF5jD1iUzkzD9xGFz%2BHQJfefqNUDvqey0lK3kua5IZhWuJMyy5KptD3IrPIwEXnw1h%2FGyuxwNELk92I907pV5hrLEdgyVlB5RlTIU0uwi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe3a9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 0FE4 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
215794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hg%2Fy94wTsYfIxURnrpJtjbED1XTbG21AyBKpCTVKeaJ2quPjrLKoUjBuHLUCdrPnP1todTW64CTy5r9GcoQNysTUAy%2BrciwUOlpcwYvmoTHGJ%2FN1PgtvMGtvbQBefmrlabCMZxP%2B5USb%2B7SgSKauYqHk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe3f9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 0FE4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
740717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CMdfwK678REoym%2BlumRRPb8Qhb%2BEE7ci9%2FijC0bifhitU3hERU7FIvNmuYd5CWfh2cx3Cd9VwRQ0FqZx%2Fh4ls3Si1eLhUPh9QYL8dt7avKqtUHethfxUVDxnV7ttRfynA%2BGIv1bYClz0FE1ALj8d1d2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe409b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 0FE4 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1001796
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVwPdHsIYtHOzovkd9EqV6hV0Rx83Gv1pvsP0%2Bhs6qFdxTtfSV53%2FcUOc8Lr5YipDTy9xPy8qiDGN4sKCIWaIt4hQ%2BRLvt1Q%2BRuIe9IKo2cnVuwhhCJzSQxRrZx3iIG7%2Bjutt4WdmnQxvZ6rc%2FPdc%2FL9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe429b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 0FE4 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3776287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dfaclZWxzIbuZrQC10ZdNTCLiWogGTiyC7IjkVBkMnO7I7GcZ4wFzKvzIdfHuBLegOKxk02E1oby0KnBCF%2BTuASVJSxRgBEZHoufcDZGKitzZ5o0tN9TjiEt3aY9uRzpr75zCtlA2ciUCcDAYMiKwai"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe439b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 0FE4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1441273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eOCjreBdGmvSmXP%2BBzI2UYGFxM5uVOK5mNAsqYaQvrg0zp7y1kzXoWHs1xSWw0g%2Br6G6EU4DshkJHP7A8u8Urdif1MVUdZhM%2B7eu5YytFJ3ucEXc0o6prbAHjO1uCpvsVx2cROApAg0QuiRGoJYi4P0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe459b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 0FE4 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
746136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3f802yNg6SSs282Br4vGmQmEgpAYcWtGHdXHqbY7UsjG9uJPVZfkvtX5t3X9DEBw5SYP0V6rO9g5REkerW8o%2BWmWdgYNsemS0ISBBvsCVXwus%2FOruoTt%2Bli4egWo4N8am0uMnLdWi9qEsThOC5OjqqJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe469b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 0FE4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1916166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyvxz0od3fPdyAFkmVZGTvwuLJU4Ilin9k8twgWFgraI%2BSh%2B7S1VzilXSKaHZdYEDAefqyTikTnRT%2B2e0AJb1AgtOFDbELLUxoPz3rQgjlOMVKREviQZXbpoo1m9E9wRMFSb7yjqFEEhaRwYXehew%2Bvk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe479b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 0FE4 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
744114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw5psgxABAn3d%2B5lL7gB9AUHW2mp2Tp2hc%2B%2FH8d9wON%2B9oAZ8zgnA8rWiNO7KxDPVuxVloSuqMqFxqY24BbPnz9kwpzy25EPfq504KxoNRAqx8uyysGasbl9bzPVVK7KZ8FtVwOJdafPtBJFouCGqOe1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8876bbe489b5b-FRA
expires
Thu, 14 Dec 2023 10:07:15 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 0FE4 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.83.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
689
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-142-210
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604111
x-optimized-by
_sam
cf-ray
77e8876b9fd19225-FRA
expires
Sat, 31 Dec 2022 09:55:46 GMT
css2
fonts.googleapis.com/ Frame 0FE4 		15 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTP9S6C2UYZN&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EXY3E12NMPEG&iframeId=offer_e759b0b2583bf76990fe-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
824223df4a2291ae00674ab03f8d1c7fabe88f06dc285e88bf9cbf63967d8ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 10:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:15 GMT
truncated
/ Frame 7B55 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf345b823c947603926c9633eee3a62f0919754f362f457265122cce31377a79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
qsn3xuryjc2x7qe51g26f.json
flashnetic.com/c/ Frame 7B55 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/c/qsn3xuryjc2x7qe51g26f.json
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e4cf558eb0f7a10f82e18e722ff5d2224dc8d789bc88a76f2a0f8731afef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
.kTUcTUnLLvuPFCgYwyioM4kgSpLXjY7
date
Sat, 24 Dec 2022 09:43:35 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
5740
x-cache
Hit from cloudfront
content-length
1501
last-modified
Thu, 10 Nov 2022 12:27:36 GMT
server
AmazonS3
etag
"9d56c4a1d64cc1c8205bf1103e78e8d1"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
RMfzI9M_bHKHylPTRQ9qqFBZNCX3niEERWcLYGAH32iiQOm_MfG6tA==
352.2897ea678cd6f58ae327.js
console.adgrid.io/wp-content/uploads/crmc/library/ Frame 3559 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.adgrid.io/wp-content/uploads/crmc/library/352.2897ea678cd6f58ae327.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/wp-content/uploads/crmc/library/adgrid-crmc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cf4ec3092fd23cd158f72f3fbba5eaa89ee02b8ff6f5bf35a2cf2f2d1bc9947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
minify
last-modified
Fri, 23 Dec 2022 19:25:13 GMT
server
cloudflare
etag
W/"1bde-5f083beaa8428-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFoNAwmIHhszMcddLdO1Ef9oI%2BlXBD3P0Bn4vz1AZwQRlIRZE288owKswtiW5c72nstUQxT02HH%2BXpPTVC4HhdE7TyipT3U5if0T5nehrCEgcmcuGsooP4hAvfZ32DSG7BKNXpUXsOxcVZaaC8X4"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
77e8876bd9766958-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept
view
securepubads.g.doubleclick.net/pcs/ Frame 3279 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdJ4hGY3i8Td5jk1fUcDXN8w2n0xrVKj2PdKYfMFyI0lgaOKOjeQnKz0kowVn9WCfHO4ROWQGb2KB7B5sdeHcWGgCHQurLH9PWz6u0HNKjeClmHxWHbzkhNYmUqJzjMvdTBirBeJvHp38o_jwo6omzoYKUAbyFK9ErzAD78HYVMTW4YXOcPr4LhT4NOOzjhM0MT7_r2Tvsx_Cu4oljPSWaorBsgbBxpE6P_1B9zOvruUZ8DbNsi5p4yCag2bXy_DuvIR9UI6fojQFNpRa1xSxXFl1-zoM6J-qxkZYaAo9lEJMO4g4GE0HeQkmTq5AvBMENt2HoKRnRMA6GKFBN8A&sai=AMfl-YQ5B1QXHs9fW4FFZYm07tALxPaP8vvhWGifSzte25ovZvsops_9CIK3-qhGUhI6Wf5D47Hac_9s2p89FGPP2ed8ugqAnURqgX34RL5fo5yE7wJxiZHsMe0jcsNqWrY&sig=Cg0ArKJSzDcvI1Gt-BFrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
t.js
flashnetic.com/ Frame 3279 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
_w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding
br
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 17:55:55 GMT
last-modified
Fri, 11 Nov 2022 10:14:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
58281
etag
W/"57c945f3c1feba973398debac47b1341"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
KOE0YkGHy38DjxUXe3cN6iyV4m1GQcfZhel3AXURAL22J_QlklN2wA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3279 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:15 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 5813 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
4391
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-138-111
server
cloudflare
etag
W/"2177-1671634068000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
77e8876c488c9225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
2CD280_0_0.woff2
forward.com/workspace/res/css/webfonts/ Frame 5813 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/workspace/res/css/webfonts/2CD280_0_0.woff2
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
70af336fb470bc37a176ba3fe93bb670deb25f2103acfa62a05824f77a165cf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Wed, 20 Apr 2022 15:01:57 GMT
server
cloudflare
age
224279
etag
"62602065-bad9"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8876cbc6abc04-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47833
2CD280_1_0.woff2
forward.com/workspace/res/css/webfonts/ Frame 5813 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/workspace/res/css/webfonts/2CD280_1_0.woff2
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a365ce59f7ed6c29af902cece829e323ec91c9ab2096a97299d2ac89c2e8ffc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Wed, 20 Apr 2022 15:01:56 GMT
server
cloudflare
age
224279
etag
"62602064-bf87"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8876cbc68bc04-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49031
2CD280_3_0.woff2
forward.com/workspace/res/css/webfonts/ Frame 5813 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://forward.com/workspace/res/css/webfonts/2CD280_3_0.woff2
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=6Z1jcPLepu&templateId=OTLFKRY569ZK&gaClientId=550322770.1671876434&offerId=fakeOfferId&experienceId=EX6TYRXXTQW3&iframeId=offer_f76144f4699d366ef6df-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fforward.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f477371b4a58d7fc36343e56d3f11478ab8f0ddcf244b5e90c3391df69c36dc2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://buy.tinypass.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=63072000; preload
cf-cache-status
HIT
last-modified
Wed, 20 Apr 2022 15:01:56 GMT
server
cloudflare
age
224279
etag
"62602064-bd7f"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
77e8876cbc64bc04-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48511
view
securepubads.g.doubleclick.net/pcs/ Frame 7B55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPakU6Pq7m9u_n_Nrp9HBPAXn17k9zmsUEt4Efdo93kaPgQCbLvx4Lylo9CL9lxbXad--xjn-q0SDDq220dzWbXSIyUfihNO7R9nZjF-GwDMGcyWYYIESHnAk7TzXq37pmy3iiMXSUW8SFVTLdeJiAvRu3ws6LPUrJWMQboMtR7m_DPKgwTRYduCBFnvcxFNnubaRuYsUN5-NaaRXzuFBFJ227FXnk6iQxxC3N17zqhB2g-aw9GxONBPSDifjJ0FqezwpxSKCQmrnj86BMakwMwF1p_1Dr20z7danaV2gOmTSRKhnsGPsWiXBW8SUeGz2aEYDO1LcXcxq4Fj5eGXKB&sai=AMfl-YS9oBM8C6EfmWkYed91lnWJ3lQQCJKngtoD9_b1QgTl4QhqO7bo_j7fI-72357R5KMr9iTKHONXcMgVkpTXbKmwzpdMXbmN94z7dCRVZ4Etru_2lPSVC_rs2UKZdGVRMWzlN7d-3XHh8puu7zM2&sig=Cg0ArKJSzPG3IKULnhFREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:15 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 5F6B 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 12:25:11 GMT
x-content-type-options
nosniff
age
596525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:25:11 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 5F6B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
4391
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-138-111
server
cloudflare
etag
W/"2177-1671634068000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
77e8876c990b9225-FRA
expires
Sat, 24 Dec 2022 12:07:15 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 5F6B 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 23:26:12 GMT
x-content-type-options
nosniff
age
384064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:26:12 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4000870435497380&correlator=246356571167512&eid=31071094%2C31071150%2C31071257%2C44777628&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fif&iu_parts=22253468549%3A22704151777%2Cwavefrontnetwork%2Cforward&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C728x250&ifi=7&adks=2547734811&didk=2364695465&sfv=1-0-40&prev_scp=pos%3DLeaderboard%26tld%3Dforward.com%26TLD_POSITION%3Dforward.com_Leaderboard_3%26fqdn%3Dforward.com%26refresh%3D0_forward.com%26refresh_count%3D0%26domId%3DLeaderboard_3%26FURL%3D%252Fnews%252F529130%252Fgeorge-santos-jewish-lie-genealogy-records%252F%26SURL%3D248b7f4f19a75076c26b76f83f4becc8c20283df%26INVIEW%3D1%26sttrackid%3Da5xwxuhekqg%26GMAV%3D0_forward.com%26PAV%3D0_forward.com&eri=1&cust_params=device%3Ddesktop%26video%3Dno%26minute_rb%3D5SOV_7%26second_rb%3D5SOV_14%26referrer%3Dother&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876435959&lmt=1671876435&dlt=1671876433663&idt=1281&adxs=436&adys=5450&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=20&vis=1&psz=1340x51&msz=728x0&fws=0&ohw=0&psts=ACgb8tuH26h2SepmPQozErQ5YQOWv8iHwXSAEF9AggKZtJXnj-6lB9Ko6gPfvr24P_4C9GWnseHRtXpCeoRtY_5LVtupi_3O%2CACgb8tukqPiVSApHe6faiLSUf5TOhf4O9TTysCXOqkIqEuU7RVE5MICh8Nik_tCH5FrvqfLxBsdoFhDTI8l6AYCajWH6gHrf%2CACgb8tvgUT2Nk00Spfb-EwnbxnUYSk_L8Nd1n58i5BtlkSOI83E0Rhw8eRC2upC99V6x2TfwLCEpB5wWk1lqXooS5oh2hZpu&ga_vid=550322770.1671876434&ga_sid=1671876435&ga_hid=2095372866&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
289df860f081819cb0829e6273391d385b3b41ecced3a6ec8d8a906d06cfa290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9293
x-xss-protection
0
google-lineitem-id
6039296123
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138411145431
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2620 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6hWPy5_WKLUAoVuou-L6BHwxSDUAFpPuJ5aWTMnlAZzECfIPZjtbQQAiydpodnFXU6dMmpWMTjtqy5o7kQl5i4t2Xe2totHurjBn_ZAUjl3lfxDm2-gQDUGx6sXXqJqho3rf1KmK78sdmqHFbxwGIGuq0sfu7wpLSpixbixAGeq46FrpnILih0yyUPh6mIkDFClUez9oEY6eEP50lJmXp4PCw9zuuFAKzCejphZp7neaqs8CKnNzX5TUswi4gwQyXk0ig0tDh2hYP8W2DwxBH6grWwppPlo8PnDxKUiSblCF5cpCJ4bVQAc5wpT52f8-HUf3QYxLXBMjnszQOzA&sai=AMfl-YQaRkKgMyxEj1ArUTwkeFMCpvPPsSmQxExTxF_zlRgJshQNSbgUHATk1ZF64ezB5_OvskGfrzpuwRPiKtLMXvtZGWd8AYkzIqRZQA2hApfnIMhKaeGWoA8NYyR_QIk&sig=Cg0ArKJSzJnXQodKCiBfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
t.js
flashnetic.com/ Frame 2620 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
_w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding
br
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 17:55:55 GMT
last-modified
Fri, 11 Nov 2022 10:14:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
58282
etag
W/"57c945f3c1feba973398debac47b1341"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
aTr-qrQFOyp-b9JYJO5UYJoD3r32lPoDgJAUWmwpkiSYv8HMJKUWVg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2620 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:16 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=forward.com&p=%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&u=GYQjvC9dCBaBoszMj&d=forward.com&g=53213&g0=News&g1=Andrew%20Silverstein&n=1&f=00001&c=0.02&x=0&m=0&y=7559&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&PA=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&b=1283&t=C5fdHOBLMND2DThJgvDOhUQbJCDGV&V=139&tz=0&_acct=anon&sn=2&sv=Cjff33Dzb3_bD4hPW4ett-dBAuPhV&sd=1&im=067b0fff&_
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.154.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-154-34.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:16 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
1671876435993
ads.bidstreamserver.com/servlet/tagger/85137328/ 		67 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/tagger/85137328/1671876435993
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/libcode3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
7b96c5e174d10b70ba2573785e8dbb219a6fffc522620b2f20915e4580931773

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
bwmk952m28utzo2jabvdh.json
flashnetic.com/c/ Frame 3279 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/c/bwmk952m28utzo2jabvdh.json
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b51d5c5fc05e4d5ad17b8abc563e63c63c7628982ea443a50e70151738585222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
0GuKANQfBHKZeTg_98sO.lBw1PEEYX5.
date
Sat, 24 Dec 2022 09:43:35 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
17381
x-cache
Hit from cloudfront
content-length
1685
last-modified
Thu, 10 Nov 2022 12:27:35 GMT
server
AmazonS3
etag
"6717a3c89b39ba59581805858e1dd9ab"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
UfsZTksdQPxDaRKT7d802qtVb2GfpQ0Ne4dlp0wDGyUhAQMAFs8KZA==
truncated
/ Frame 3279 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dc1b78f8fbb2e2deedd7d92e2aa9b07e676e64e4dc88a6b3b2eaf65247593de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3279 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4Efty6ZQLVpUcsWT3cuFjcTM_SmXzbrAzu8-IlQNwYRW3kReSoziefS-xOaGPXrBsk_w8Yoz4srEov_GliNmgeQ63jaFpsvkR7LjF0f1AwL0GnkzLOPXHGIYYmCtdZl9i82j-cWWLvLyrVnCJS8HZKc2iYa8M4R8NTtDnRCVpqWd_mL-BdkiWowQAF5q2vD3lcBKhAEeAHI2uY3J5sp4CkcnJmAACBUPPCZjgzqw3mL0fC4cL1Dgm0oy_7Ih3vAFH27K880OnJgpB78FDtho6DQwNm5koiJ2k0JYMIl7qpztvpr24efqzfxwrQZXct6f60oRSppak-5taMeNgQjKo&sai=AMfl-YRz3ZmdoyYGbZDu3azhJGRaN6kJJRX3X9bRIOWkmanj3jwkBJg1bbNfSWa0Av_6huGDxf1r9YhYwrJ-jgI7WOCGSO_49gF_F27iTZJP-TxzpdIJhr2T37Kdb834wTk&sig=Cg0ArKJSzIzg3Bm1IvtzEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:16 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame 09B4 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.9&typ=pgv&rnd=lc1s29cyrhyc13er&sid=1139722735466746182&loc=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&new=1&arf=0&ltm=1671876435235&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lc1s29mopehg4qkv&ckp=lc1s29cylwt8hdbq&glb=&amo=1671751235&cp_userState=anon&cst=2okhdbo26awd21eai5w42x0c08
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sat, 24 Dec 2022 10:07:16 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BAC3 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1430 / 116 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 10:07:16 GMT
prebid7.19.0.js
hb.adpone.com/ Frame BAC3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sddgKSHkk%2FOfe%2FLPrNhc3r76BnRzEhPbSgNJFfpEr88k1vEKmpkRSeGIdB%2F7nFfP4waQqAVAvOwF6Y1yTF46vb8VpQpay7IHnLfVuQ81G3GW1eOq5Zwt9cu5og9KNCCP9bw5AYB2nkGo8II%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8876dfb919022-FRA
p.html
flashnetic.com/r/ Frame 9522 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=kefsgtnvo&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
S0TagXksZj46MVabyqQpuFoE4ZG_oW0---qT-gJO1OKrb76jsF745A==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 7BCB 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=vwggzaudv&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
6V1El7zl9w_fbY0RteIkTa23hwVf-h40irCD5YzLfJ9fmbBZOXiwtg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 18D7 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
oaEcVS2MKnJtRUPG-3OskX-HkGU08qlwMukMhZXhDVUhMFnvgkSBog==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame E57D 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=cigritfmlj&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
GqQq1fT0mXgFC8ypKIJPfygYFLjrxXNBMOJpsSNWToro_fslc6MwSw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame CBFA 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
rZdHe36-QKMtoMPgbbH2YHoTKt2ZK2eDggJhatkzmBqMo5kLb9DWOQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 0273 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
5H89XHV98R1HatKnfyYfGs6gmjJnK32E588oSfneuOetnEDYCIl0wQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame A1CE 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
2Xjuq5If3BTweplNF4x2RAybm3awLJs_lo-r46jzhKBjiib0oPs5ug==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 0679 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
jZ7lU_Tc-6il79aqpeyDw1e6OR1R2YJWyLQEeYAzZ61C1mRkLgCrZA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 33ED 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
0f7G29IVjclUrrZcwIiUlFFbvLuGuaRZVkVdfOmKxp2eithrL4Dmog==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 3332 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
qqbTW9l9gOXUMqDY3IPHPQLhM9_pbN0cNFIJRgfEFUPk6QWqpP3BEA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 6F22 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
dQlRSIFJ60VWHho8f8-go4grlsAI09mVMrkacjb1n6Fu9ocA8aI87w==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 1EF1 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=fcxutwsyos&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
wPbZw6PA073do80Cj5TiPKz02gv_w9u993VJP78GRSGiYZY5_Bjjzg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 697C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=uffdafdut&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
QPDb_-rSE2Xu4Md78gkze2SYqkspih4sRCJKrjRoghhWq3zLEbi2cA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame ED48 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=cqjing&e=1535582086632
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=3591241671876435338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
oGQCQAvscBdDyCbVoTYUOf-Oqw4KUwmRnc3Wd47u-N9uLRrGIuVa8A==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
adx
securepubads.g.doubleclick.net/gampad/ Frame 99D5 		45 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/adx?iu=/92510019/custom_rich_media_ad_tracker&sz=1x1&c=2066204337&tile=1&t=crmc_id%3D4002
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/wp-content/uploads/crmc/library/352.2897ea678cd6f58ae327.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d48f8a9d632608d040480c3e916302c86b215abe80ae5d05e8356bcca861673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
17415
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
google-creative-id
138380280934
google-lineitem-id
6174295619
google-mediationgroup-id
-2
google-mediationtag-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3559 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4E4EKUxonj8fpp0DvM-osKqRMG1YqzQnwj5kodQEFnEahJ8U14Kqagw3MovHr-8-FQ2JksR22UAeBj16iqz45It5YPS9vsSS5GR0oBsCZxUihdz7lriEnLptfZ0abVNMteOi11aNq8NiDvwp7SIbAp4yP8h0HSBb4_WdhYpR_XB_jvwkgvzTyTp6KXmeOaAi4WYat8oEcPBP-aB45HXoXeUwjGzSK562ptGAeIKzCi6juHNFYiI4yuQ1l1GWHyxrPfeNK3XZAUSe2XVfpuxE009rNrn1ne7N_0qOrTl24vetWveUp3RewTbrrsUEEZiu5Y6YGWRJrR-om2HVMdBv5CP0_QCuQ3KW9gEF6RyQ26S-lK6bw2yOa_0wu&sai=AMfl-YS47h8wavIAv6-Zv_vuK_3oJlYdsB803-H4kA4sr3V1-8w9_ptF8XMPPdvUsgdxl85kfJmYPPNFSGmzXFGhAibPihTEKw8PgQpPV9HKIa7SUZHb6vVQp9V1Xm4J8qdtp2GjhQXq5hcRQ0CL8JOm7ro&sig=Cg0ArKJSzLmv9VN80gI9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 591F 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 12:25:11 GMT
x-content-type-options
nosniff
age
596525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:25:11 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 591F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
4392
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-138-111
server
cloudflare
etag
W/"2177-1671634068000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
77e8876e0af49225-FRA
expires
Sat, 24 Dec 2022 12:07:16 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 591F 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:03:48 GMT
x-content-type-options
nosniff
age
291808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:03:48 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 975B 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 12:25:11 GMT
x-content-type-options
nosniff
age
596525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:25:11 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 975B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
4392
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-138-111
server
cloudflare
etag
W/"2177-1671634068000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
77e8876e2b0f9225-FRA
expires
Sat, 24 Dec 2022 12:07:16 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 975B 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 23:26:12 GMT
x-content-type-options
nosniff
age
384064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:26:12 GMT
id
id.cxense.com/public/user/ 		103 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lc1s29cylwt8hdbq%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222okhdbo26awd21eai5w42x0c08%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222okhdbo26awd21eai5w42x0c08%22%7D%5D%2C%22siteId%22%3A%221139722735466746182%22%2C%22location%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
907d64f718dc67f4aebb97177446bb93c8571df123753c6ddd1c6bc430e92f0b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
103
expires
Mon, 26 Jul 1997 05:00:00 GMT
HIAS2204_PBS_Web%20Ready_1_638e175b2e69d.mp4
console.adgrid.io/wp-content/uploads/crmc/assets/769/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://console.adgrid.io/wp-content/uploads/crmc/assets/769/HIAS2204_PBS_Web%20Ready_1_638e175b2e69d.mp4
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44f926e0c96cbc77f385849974bf7c59afbb225cf317f6da5da0c43c6a6871b7

Request headers

Referer
https://forward.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-2532192/2532193
Content-Length
2532193
last-modified
Mon, 05 Dec 2022 16:07:55 GMT
server
cloudflare
etag
"26a361-5ef16e3e345ed"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDc9pDJMNutQPgNXtICa%2B6AQxWU7gMDH8j13ljSiZ2G6HozzHSIYYliv%2BLRqy0QIT%2FqMEIwCy9G6sEptK1ifnTT2ae0ZLCydxGodFMQWgIgb1d5nVZ0ir8LG7%2BxuDgEjvAgwscDG0VeR2GU%2BO4tf"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
77e8876e4de36958-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
1222257073852167336
tpc.googlesyndication.com/simgad/ Frame 99D5 		563 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1222257073852167336
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/adx?iu=/92510019/custom_rich_media_ad_tracker&sz=1x1&c=2066204337&tile=1&t=crmc_id%3D4002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
162fed839a1e4d095a6a20ef545e587131b45bd8a3eeed6bdea84deae9794868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securepubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 11:56:43 GMT
x-content-type-options
nosniff
age
252633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
563
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 18:01:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 11:56:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 99D5 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/adx?iu=/92510019/custom_rich_media_ad_tracker&sz=1x1&c=2066204337&tile=1&t=crmc_id%3D4002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securepubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 99D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/adx?iu=/92510019/custom_rich_media_ad_tracker&sz=1x1&c=2066204337&tile=1&t=crmc_id%3D4002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securepubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
30524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:32 GMT
l
www.google.com/ads/measurement/ Frame 99D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTB4I6rYWa47kLpQz1KLLcI05T3b2HzivX8H4A88IRgyXmu0viHP7iewPLWSP2mkfM-mZhz8oredOB9tNUuVCtMq5zOEw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/adx?iu=/92510019/custom_rich_media_ad_tracker&sz=1x1&c=2066204337&tile=1&t=crmc_id%3D4002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securepubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0FE4 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 12:25:11 GMT
x-content-type-options
nosniff
age
596525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:25:11 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 0FE4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
4392
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-138-111
server
cloudflare
etag
W/"2177-1671634068000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
77e8876f3ca89225-FRA
expires
Sat, 24 Dec 2022 12:07:16 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 0FE4 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 23:26:12 GMT
x-content-type-options
nosniff
age
384064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:26:12 GMT
truncated
/ Frame 2620 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
048c0d28b725fa7c9ccaeb246ffaa877c814b94d9bb9cbed28bb0b426ce3bc1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
qsn3xuryjc2x7qe51g26f.json
flashnetic.com/c/ Frame 2620 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/c/qsn3xuryjc2x7qe51g26f.json
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e4cf558eb0f7a10f82e18e722ff5d2224dc8d789bc88a76f2a0f8731afef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
.kTUcTUnLLvuPFCgYwyioM4kgSpLXjY7
date
Sat, 24 Dec 2022 09:43:35 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
5741
x-cache
Hit from cloudfront
content-length
1501
last-modified
Thu, 10 Nov 2022 12:27:36 GMT
server
AmazonS3
etag
"9d56c4a1d64cc1c8205bf1103e78e8d1"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
ewNQm8t2iszUjGOSem_4u1ba20UdEV-yBFdAzSvMypmXuuMkARpm_A==
view
securepubads.g.doubleclick.net/pcs/ Frame 5678 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt_cHDGm6DrGvb_1AdVk2Z18QuhXS47D3AI0YPf1dcI6-rjLD4iFFgOGPXmPGm1Iciiu7j-r-f0omIVxwcwMUiwhAeuNhxdizS_lih2LS1l4oTA3hQakgOa5IRDh8QS4K2XtyBzrsHUBFLiWriFxxUiE83gqlHQZdE1BF72KG6mBjFqdJppe_TS0rS-fMrT2T38ihTNVPUDobNv6aXKd5RTU50DCsUUyTaEJDq6RRx8VWOJE0gzSa9JVwTMD0SQDbOz0-TU4DxeFB4BSA9V5cYybx_vWSbhC8EpRjwevtE5Qry6k8HxJBd7QLaMZqHBzDW7dplxmXJ-vxm6Xl1Ug&sai=AMfl-YQkl6a9_1p6DQ1-GeLf23NsRcYl59xbsPjpWcUPrJuTcvRlLUB6sdSDatw0AeouTYrNfJ6XXrqJwiznsKOyi5Li87JE-x1CCml-9Z5zNG2BPvwG58BafS0HGKS6lhw&sig=Cg0ArKJSzPOzy_QnSeg_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
t.js
flashnetic.com/ Frame 5678 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
_w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding
br
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 17:55:55 GMT
last-modified
Fri, 11 Nov 2022 10:14:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
58282
etag
W/"57c945f3c1feba973398debac47b1341"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9Ytq24d6jiTQzG1FeICWLNVMvnMMZcpvGaD-30pTpmhhOfs5OQZgIA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5678 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 99D5 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvV38iLdbK7n9ET2mmYUfkBsnAgX6uCtVMP_Usc0GW_4ln8-PtbfTW141c65GwZZTtNW-GlAyyEOCf00QDAmAlvBNk6IdLVVH8VOYUViZ9uGM2Ow6ldSTRxRQyuBbT3RCgVUZJvNwP8Nuzqnlq4K59wxnRuSjpSusFUjLlMFN76eRtJacnBR22CKy6PT8UniGwaRaexX_QXHVSsKL9HOMYioM-9J3N6Wc0yISDWdcE-BQEjSkTgwryMT4l1MYhzVvtpAhLJdL7UrAeAGj2ThRTpCTdnKR3v0YAl8fcVCMX-LSBJOHZI5mETk1hpHpXFHKCpBVWpCbj8wVY5PjaosEk&sai=AMfl-YS2KDokUIy4YlrsXZ997n5FArlPIK3qMYLY2pqQBOcw0stjj9PuN6Rdu7BgW9Mp05M-igT5mIDL6J4Yd35mQVcoKA9hRgMj3SoYU9Cu&sig=Cg0ArKJSzG_3cNkXgfrvEAE&uach_m=[UACH]&adurl=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/adx?iu=/92510019/custom_rich_media_ad_tracker&sz=1x1&c=2066204337&tile=1&t=crmc_id%3D4002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securepubads.g.doubleclick.net/gampad/adx?iu=/92510019/custom_rich_media_ad_tracker&sz=1x1&c=2066204337&tile=1&t=crmc_id%3D4002
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D2E8 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1430 / 625 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 10:07:16 GMT
prebid7.19.0.js
hb.adpone.com/ Frame D2E8 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3Mvjw8sshgNE0woVeCZbIg%2Fhw12WZrwT1Q%2B9swq%2BHAQlBkTuE95RdNVLdAWfsVyi8gI74iZtZIrwuttUiADQSDUl2p14sczSdtP83d2HGUyGpRyfD7V4eC807%2BTvwnGh4jLaliVj7s2oyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8876fee939022-FRA
p.html
flashnetic.com/r/ Frame FA8A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=cujjtcwp&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
vufgMQH4qZwVuChG2FPcysqs8eH9bWWz1k1tW_7ZaMfuWDaWZhKHJQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame BAFD 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=etmctaf&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
HsgCqOngUms672s2rTFIPNZEYSf7KZKlrrhhvzn8ibxUsIW7GydZgg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 70D3 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=kwqcltffp&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
XAI-lDdeYsbI1uLjeMCHXO2lU3ZuZT4WENYGCZ2YlTfQh_KCCDj7xQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 2C43 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=hrrpjho&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
WZoFCPGp4mqL0ntQF-jsFyqKjN2l5zpu_RNY0VVgmCAfMJjmKq6dcA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame E538 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=rrurktyjt&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
QZ31vH9nRBFuA0sSX94DFhiWbkFUT-1-ph6-ZGRTyKKKYGOoraQ6pQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame ABF1 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=hmvbpoai&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
K-O4ktvMSdpIqfuHtiQs9EUfEe5gjF_bZEdD2dlqvGFS46Bej10z5w==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 80A3 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=mvlbcgh&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
0QfXvTQikaga9W4Sth0-yFYjJAvt8xLiNGsxth0hmAAfPG0U5fbMqg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame CE88 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=tnpxzjf&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
cd_VF27rFhDjKUDcMlMeesYb_6OzWQpSGQX7IOU__Js6JTvGSEz71w==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 97A1 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=rwlksmka&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
wmQSycf-ZM9G1nOypIIIqz48FHmGW91hbrXDJwv6TIXrEx-gKb2-OQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 5DDA 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=glwywkm&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
qVlJrGXiA8rYCTgntq5aml8u4YX1Nq14FSof473fs7w6HZe9Dy4Ajw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 582D 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=xsxkp&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
ic1ML5hdWmyxdGwVoEy7dCBLpT0KCtNn8nI7Pce0TDlos2Ya6_zAeQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 0189 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=nhlvbl&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
7_sOMhNZZpTdbfr-3cptzXZulycijGvfiXegTtFUiTYhuduyXInWDQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 67EC 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=fdicgvwh&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
CZ0Dagq_QU1L_PUyxwIHFYW0qjRb41mn4p4573Zgf46wA6xF5oA8OA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame D859 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=kefqmat&e=1971603729092
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=5325361671876435819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
71Bg3fsI4n1C2MNN2-aDhtti51WC3bn44ZN7iJZZ5jaaxkroIAelLw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame BAC3 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 23:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Dec 2023 23:09:34 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame BAC3 		445 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2eec9839f427a77f6427a55e2c2f1d54b5a4620a8b30f53de1b1081f0505f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:16 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame A1F5 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 12:25:11 GMT
x-content-type-options
nosniff
age
596525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:25:11 GMT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame A1F5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
4392
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2177
last-modified
Wed, 21 Dec 2022 14:47:48 GMT
wn
prod-dash-10-0-138-111
server
cloudflare
etag
W/"2177-1671634068000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
77e887707e409225-FRA
expires
Sat, 24 Dec 2022 12:07:16 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame A1F5 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:03:48 GMT
x-content-type-options
nosniff
age
291808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:03:48 GMT
2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZRekViesH.woff2
fonts.gstatic.com/s/merriweathersans/v22/ Frame A1F5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v22/2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZRekViesH.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@700&family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ba73342fbcbc99097a42b9b0593e8955771acf54eeafad72a4848a306dd19d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:35:40 GMT
x-content-type-options
nosniff
age
505896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15096
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:35:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2620 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthN7VMUf5Cax0lZ73sQrJ1TkBhYnMy3rQIXEefEDrV4uQ0WLVnuv1p7Jm2sE5LtQo449ylRuZQbhzlAo7ZRw-KEg1-DtbdL46cdtb7b1RgUmEBwKUYrnTRNeQUc7urln3jc0UehR0TxZeWLAP7KAhTqrn94_WzUs_0HrKWvx6tkpu3AZ_dBEwQdT_FDKcuxg-xKVO7m6nDu-CalvfaUDSV_p8KZ-MfVPRJycxBEUMH_rpmB9xWCi6WwBjp5JGebtwJl3J4n2HEP6vN3SmQARFlc2lBbYJ2PB7ta-55EDR6xFCC7kaoivWicrpVabonWixZEsQZdA13W7R3NFGgyTph&sai=AMfl-YR9PD_VMsHNhRl5G1bW6Il51D7gEuK5XqyNIn52mcfRS2Vi341Oipozg2znup1ZGqcaudP_J6a92zsD-9aogQoyC9_cA9pLMMsHAwzTledYILxkVlTsWas0snUvZlA&sig=Cg0ArKJSzBjI6-d2q-8PEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:16 GMT
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ajax/crossdomain/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=638&uuid=9070c017ce75def74666ccd2bb5bc39f&tagid=ad-83406151&txid=79877780&refresh_count=0&sver=1&pvid=82898819&resolution=1600x1200&random=16954618&millis=1671876436591&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/libcode3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
b2ae9aa32373d791b7b2e8197f12da5cc2bc4e598272ed96d1b66f542323b5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ajax/crossdomain/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=638&uuid=9070c017ce75def74666ccd2bb5bc39f&tagid=ad-15977849&txid=29916087&refresh_count=0&sver=1&pvid=82898819&resolution=1600x1200&random=41201069&millis=1671876436592&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/libcode3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
4234e4ec2f7e1a04adb589fcbadf04ff060d6a9a98f54d5126abdb460237962b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ajax/crossdomain/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=637&uuid=9070c017ce75def74666ccd2bb5bc39f&tagid=ad-9091948&txid=41784790&refresh_count=0&sver=1&pvid=82898819&resolution=1600x1200&random=18961229&millis=1671876436592&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/libcode3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
44553310530d392bc781c35016a5eba3ffe816d2d9bef599f20df8f2acb167e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ajax/crossdomain/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/ajax/crossdomain/zone?zid=637&uuid=9070c017ce75def74666ccd2bb5bc39f&tagid=ad-86335943&txid=91375395&refresh_count=0&sver=1&pvid=82898819&resolution=1600x1200&random=11346887&millis=1671876436592&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/libcode3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
88447372c8ba4e9d52aae7a51da05a4b42a32c5dbafd19f55e26ecfb0720fafc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 76BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshDRJxfIAPzHmOIHInA2RSOLPgxJnKPFtCmTB4PPoZa_IUG98_siOCtnAcYlZdNBo8z0jRxnavzSF7kvhP4TcICk6MiQstV8pmBmDLt08PO_bJ6VdUlsnCLYyrdFL9Luum03U8m49_qX3zTTYbjZASSsqNkwrvmPJaEAjLTke7pseN2tZzNCnORRuwZN4TWz0PFmdgpX2w64l9UjVgS1Smutxhk7MSRGaaBLYX6rt3kw0cO8cQGZEiAOOIZ9TCKiY2bkhcRHv0l3c74MV2aae1Tk8cvnDv1ZO8RQ7f7z4r0sCqOJta3s6rf0H-bwE2Oz1iK4-DCLxowyNg1KzAaw&sai=AMfl-YQqQRNyXlIHdENiZ11O3vqOOGNPJFAVqXRVFIfIQohpCfV_RWS9Vhq9u50UHHM5oqIyLGB-ljRWKVID4COxZE9_WJa7vUUuWpm95ickLHw-EiRWX1ON62nik7DlMTA&sig=Cg0ArKJSzGoXwazVhNdSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
t.js
flashnetic.com/ Frame 76BD 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
_w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding
br
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 17:55:55 GMT
last-modified
Fri, 11 Nov 2022 10:14:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
58282
etag
W/"57c945f3c1feba973398debac47b1341"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
NjX2qKfbtuRXss38ssTNKEU7RmikITWRGf1ftv9McS4Ohfd5RJC-CQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 76BD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:16 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 9522 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kefsgtnvo&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYEQby%2FTvDAmWo1HxCTyWn0V4zR1sGro%2FlGWyI2ZEHfoOfodR%2BNuj1iFp0ZBvWsxRhqNTqCMrZjXDbwcEZl%2B0LYuO7xtfNczTFAzUqjivpo3BZS2GL9RAKWgkXIbPe%2FkaEGUJv1DOmKy8Vo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88771b9589022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7BCB 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vwggzaudv&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LG50SbJrQw%2FWjkWBkOhnpUxCgQfCiucOLSisKwBLzOHi4qKMe8846MgwDXFsrtp%2BAwR6D5pBQTFMaIXQ9WujDspPj%2FQfmq4Wo755Fu9iySrdeVme3iNdl6iu0ch5LlAWMFefLIjZ365CRwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88771d97d9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 18D7 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoMlItF0vYK6f13QeEWXcrj1s%2Bi8eLzU8jCovy31QwuYFcLJ6Z1fIqzwxYhFMvhsnK6fARRkU5WdtqII33wM0iLvLLbGSc0ddjhMO3ShczAXNBFeM6BitPzJtaYPdYhO5qrhkR27O0RIZn4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88771e98a9022-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame ECB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH5S0PGVbjYdKl8phHsXTce_vr9jeQx_LdI_CGxXbkykXLtArGLQUaJAFN481Fv90ytb42HDsvqIzJmXjEPx-6HXo6qpVv0jV5qQ1WGZWRA8Z9LzqpDswpyuAPRybO1nz4-ESomu_tIvWnhA-PRH6JECnfS8a9plYaUg5XIQlv0bS7P68Zu8cej_8ksHJBi6jUND3kDw8hx_CSt2W_1GOCZhhKzPDOpmKIy0YLpSPh774-ZB734JNKjKnNp4lCrZVkOddfDIB3TeFNzeRKPQl9a5UtT64TwfMQtYXwr-nI2hxBwECsr5IXenOZbRFiQvyDy0KR8Q2ahdYjnNQYkQ&sai=AMfl-YSKQ4YSLIKyAIgz8HNZ7slxOktrQzsWETaqStBPkKagXnn8n25whFg60y0v1syPogKsVlcDgMPkXg5qn3_ncv3tVbSMZr8HHHBWWZyXq-HHhyHj4j_mp6VAoaaHvv8&sig=Cg0ArKJSzEBrr-pVdl8TEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
t.js
flashnetic.com/ Frame ECB9 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
_w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding
br
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 17:55:55 GMT
last-modified
Fri, 11 Nov 2022 10:14:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
58282
etag
W/"57c945f3c1feba973398debac47b1341"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
X22RNeD9dgY7d-UXGBJzgfL-pUBKl-rY6e4TnC0RYBOrytp87Ywdqw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECB9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:16 GMT
prebid7.19.0.js
hb.adpone.com/ Frame E57D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cigritfmlj&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3JVT6UGjlcfOTgMxKoOqChWu9s7rULeYr%2FRREY5ll320ISpjP8C6I17gjqP4cspyp7n%2F6zyK2wkuAhKIGocESm6Pxj7bVuFF0%2FEYPAHiAF35z37gaqH6EAnEY1TZty0Edryl0HglitQlyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877209b39022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame CBFA 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKd2Uq%2F1r%2Bj0ca2IjAERhwVejKqvTQ8pmawarUj6yeKiR0EXPMdkJaE8q9XKE3M0WUFLPQeaDdtF6FxoMkjoNQ2XuPWzthm5PxItoFZHkCwJuOGswk%2F2CiqCq2MQAtOj1%2FMIISQ%2FrYQfQs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877209cb9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 0273 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUI746poVhpM8iMXqOtuLyRelxB%2FO%2FZWz%2FgGN5ruxZ7umS3L01day3tZRGR4wGRQBEa9srLO8ocZUmN7R%2FQ1BQb1KadJWydqDrJgeSO18XD9VDun513lKZAwaKEZ2WKUAxRyF387uJfv%2Blk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877219de9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A1CE 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FY5iF%2FFUd9ahsN23axL2toLGqeqLIwNDNA2jI%2Ba1O%2Fq0wJVVOJuQgQ9eRqq9NcFawJ1bXpESgwjKGNR26hQlZywk4pdz5foZpNAXWn7491mUK%2Fjo35hrE1I6NVPCO1xiy78HjaADE2RjVJs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877229f09022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 0679 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIw8Izxe2oAB15z8Yt%2FflMLCQiT1hlEoMeTbvl8hF0iUtJ7BMUvY%2F6O3r9k%2FDlt38pEtUuF1UQqvqjdyMNwr0P%2FskswZvXIH2oBt70ssSHL3kuW2rWaik0IbVWt4IGGTtswM2z9Xw5f1rxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887723a049022-FRA
v1
prg.smartadserver.com/prebid/ Frame BAC3 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame BAC3 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:16 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BAC3 		416 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.domain=forward.com&tg_i.pbadslot=%2F21671350435%2C22712312433%2F728x90-forward.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=593bf9a9-dd61-4459-aae7-135abf00ce17&l_pb_bid_id=6d2e4bb79a9076&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.532655503606541
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5281ce8a45775d45e94d389346990e72dd1a0efd1d909caccbc419bed651b9a6

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame BAC3 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ed51a7d3bddecdd5fe911f8dfad389d1894394e1333cb652f1213113fa25e4a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:17 GMT
AN-X-Request-Uuid
be91431b-60ad-48fb-9183-f59b819ff4a4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame BAC3 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=31905567994&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
shb.richaudience.com/hb/ Frame BAC3 		4 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:09 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame BAC3 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221391bbfedff5827%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F21671350435%2C22712312433%2F728x90-forward.com%22%2C%22adunitcode%22%3A%22%2F21671350435%2C22712312433%2F728x90-forward.com%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214af3d23e106884%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22593bf9a9-dd61-4459-aae7-135abf00ce17%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%221f29ed87-2316-49f3-b0d6-aaf694576ab3%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44c5ec9be6bcd67f6e553875dcb9066851517c90d83e8d812a019761015880f

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INItxTXZMeIqvYN%2FErwUa2QoWaihPWLV6ZRlLz1P%2Bmo82TM3WdtSkg3X9pwb9X4xGai4tRsRWOiAzic6MZ73K5Xa4yIth4QCeY8UB4A7iTM%2FdyKIeIvdJFAJAJK%2F9JjkwoYj871m"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88772db9c9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame BAC3 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid7.19.0.js
hb.adpone.com/ Frame 33ED 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ow5BGncuzlPnjdngKLRiRcvsVrI%2Bmz4MowdMqV7syL2bd57MV6%2FnEdMqgiw0AHb5JJkv5gq0me3Pp1Yd2eMVKJjKys2yr9NVxRox9ZpoMJNSP5Sf51Zse9LRbyfEp0c8AdkN%2ForIXAbV3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887726a499022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 3332 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef1dkYQBOxpClNKV5tZ%2FmuhB5iZURLOT7f0GXfRcrNZhORHBWZ%2FgI9VGlQokoCnyfwAysfIBFZRtxXKQdL2OiwhhT7yXJEwas4uyhK9JYJ8WukgI9FIj9Yb9SMamXlm%2FfKq53D%2F%2FpAT4PjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887727a8a9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 6F22 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf660guw8l6K6%2BnosGWGn58oauG97nksLrpxjBZKGBweunp3Kv1ikqV4%2F%2B6V7IOn9mKfY161Cv%2BSmo%2FLdjTlAKqMlMGPINpgxT8c7fxeP%2FguDQTAII1mD2dJHFpxDjSy%2F8vEjQa3M5G9e0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88772aac69022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 1EF1 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fcxutwsyos&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MetqGKYuXM5Yorp14h6mjPpcFdkFxbXSwmVRpR5lOdDViZYvnphwNtASfNmF3rux%2FR%2FkdHwYhZOc5OhGin3Kx%2Be2EOe9b%2BYF4UF3qcnDk5bbB%2FFYpj%2BjJnnBqfVm34%2FeErN3IkKd247TE84%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88772bad39022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 697C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=uffdafdut&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrF67U5CXxZuRjlOvhz%2FI2sFSJushTwtQBYW1sDuHSRmRBvwJxGSeZXjRN13KnagAhKe7PJnmR6xRVQeHzZ7DyvgMQ4r1do%2FPBoawFuLHd27uxwK35UjOVaOa5tHF8Qv4vB2158CD7ghjXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88772cae89022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame ED48 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cqjing&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXbmh4qjMeMlrrNfc6sX2mzwa9Pki41T3xCFcYg6f%2BR7iUDlR0nqfcu4rAHauXC9JXRI8tIL36LohAxyx3oFkt6mCI4dxxIx18KYfF7MUVmZ6qEscWPjalLsEOf%2F4E%2BFe19L64IJjOxGiRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88772caf29022-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EF10 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1430 / 522 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 10:07:16 GMT
prebid7.19.0.js
hb.adpone.com/ Frame EF10 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3235
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vOWhcSjRBVOEEv2GzeDgI%2FLqBUWYNeZRdfbKk4QeweWwOwCbS69vfzzaYGpdrCeOcdnxvzkY6j5XkqXTSyk4z%2FiyxexLNnfrhgjTvS6OEU%2FspQzGVetaTae3ytAnjRyuA%2Fl5FbCcYxyvDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88772eb179022-FRA
p.html
flashnetic.com/r/ Frame 0075 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=pjbsvsf&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
8m8-F5aSJpcn9K1GIOHhY6M-hAl5eoPXrMgS15UlD4OZsERUcywKcg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame FB2B 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
Qf3EJRrQvKLeGrVOxSdR-PP1OtHyohP8XdQ_zTygB3Dy5D0ix3anQw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 426A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
XvbnPj4V3uvl75DAcslaNttu42fHVB0YLovin8n6tydbiQQAlzaZ3g==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame A5F9 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=rvhpjgub&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
mjo14XLt6ED4jTbt9PgavPNpjrka5wjFxoL1Oqp-3pqvVcn42CAwDA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame C7D0 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
0EP6SFYBSVFxEpXtLbBWSI6jEZrq-843RpDmfBR0zm-LJ5b1Z2XFEg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 3A2F 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=jxkpnhr&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
dCX3QHfs3FvY2U-FerwWjArhed9A1MQl0dJUe1P7zzOm0Yh2yhwUEw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame D1D0 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=nkjzjgi&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
EE5dsPUkZBaQXWLlyZHMSMEJgDi1LfcGjWFBnCIW6iwlmKvxQxREfA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 5373 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=pqhllppa&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
dVqjABcaJpHQSRcRAWPowiWorc-uHy6zDnvfJHjW8hCry7r2xXt_zA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 2838 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=awtdrmcdqn&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
tHxrfTn8pBVtuLN8QhSbNsioLT8sOQdOKSJttZwkXVNFFOgaA5poTw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 975C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=cltyrs&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
CA8hhO9q0u4icEMBeYfpykTSiFj_HPGM6VUgmfZfxcE0rTXZjMZ3FA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame BD25 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=hnhz&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
8MtexuO3mvokrtS6CU2rrk1S61xJrzYR75BUilFlSiPaIdO6M_bZjQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame DC41 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=zistsjmioy&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
u1gUrlqholFrj0MueJ5I7VX6TZ8vGvpF3_109f1rd-lOkqe7I7sP_A==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame C27A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=nlrgpoa&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
h6bi0uvbE7Dgjw4HmjDige619u70dWWQeEBYpcwe8KZv0rtZuKIUEg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 8D61 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=lrvtjrcm&e=1544311770728
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=6372461671876435983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16594
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
Zxos3A3M2S0IZaQ4GyuHZGbnt2q-h7m_M0wVLkfSQ5wwJ1W-O31wcg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
qsn3xuryjc2x7qe51g26f.json
flashnetic.com/c/ Frame 5678 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/c/qsn3xuryjc2x7qe51g26f.json
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e4cf558eb0f7a10f82e18e722ff5d2224dc8d789bc88a76f2a0f8731afef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
.kTUcTUnLLvuPFCgYwyioM4kgSpLXjY7
date
Sat, 24 Dec 2022 09:43:35 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
5741
x-cache
Hit from cloudfront
content-length
1501
last-modified
Thu, 10 Nov 2022 12:27:36 GMT
server
AmazonS3
etag
"9d56c4a1d64cc1c8205bf1103e78e8d1"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
IaxxXISFgrsV2BQbmLWA9lcx6VfEN3IY244LorEhxH5aesv_oz9hng==
pubads_impl_2022120701.js
securepubads.g.doubleclick.net/gpt/ Frame D2E8 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 22:23:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132289
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Dec 2023 22:23:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame D2E8 		445 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2eec9839f427a77f6427a55e2c2f1d54b5a4620a8b30f53de1b1081f0505f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:17 GMT
truncated
/ Frame 5678 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd2a8f6468ebf54a38933c6c2e50a3943235902c00ab9a0caccc70f8fe598079

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5678 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU5mzCV3-rM5KDlT5q6gMvmC85gJNWzugyq7mwbmjHnbXqAB9B_mhJGc9nrEgf2PLSKnoBp0JW2SQpFIjxnX9bZSHY1Xm4JAelVoIxA8eyff8vllqZcHPXH7NYjgwp0h3qV-tOGvTxLwQ4nVRxzTwTzquq75Cq3kKhnuoB5UYeMNaxBMNd1tNSDr8QBTPW8qPaO-90vpGHTZFSk1o0TRsdnK0Jnyg-2Ik03uipa-c20typRTypAfl1_cuUSN7_oF3XA0jOoqsunBnmOfGvypIfbRmMFe_cDxvIkFemjdzOUYduaaaOePFnhqlhXWDBDmPJrWL8Tg_OY1xqOS0zad7i&sai=AMfl-YT69Z_r5thqcjxQc3y5oi6zvrTMRycUOH6OI9ENsoCRBLzv27ISJtG1X4Wxti4Am8wIiLG4N54ivX1gp2IdVUfE5vPVHjvy-Zps7VnlmTh54svenxg2qYnxkdPccyg&sig=Cg0ArKJSzHah8NNUAmbfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7B55 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyeNUxwYpbWDqygWgLp3G9yR3x6qfN2pEO7NVwNmh6LCIACtBTOwVPS-G2fjm5X9ecVrR8iHWpCbfOULGaz50dJtNXL7uJm3Uqr-UcpQt_06qrUmmP&sig=Cg0ArKJSzAADiZMh3LJUEAE&id=lidar2&mcvt=1105&p=46,436,136,1164&mtos=1105,1105,1105,1105,1105&tos=1105,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2826849246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671876435330&rpt=554&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bwmk952m28utzo2jabvdh.json
flashnetic.com/c/ Frame 76BD 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/c/bwmk952m28utzo2jabvdh.json
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b51d5c5fc05e4d5ad17b8abc563e63c63c7628982ea443a50e70151738585222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
0GuKANQfBHKZeTg_98sO.lBw1PEEYX5.
date
Sat, 24 Dec 2022 09:43:35 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
17382
x-cache
Hit from cloudfront
content-length
1685
last-modified
Thu, 10 Nov 2022 12:27:35 GMT
server
AmazonS3
etag
"6717a3c89b39ba59581805858e1dd9ab"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
Www3hnniui_TsLByKmbs7ulacm9U3QaCs868Tupo_NcpCEy5SJbjEw==
truncated
/ Frame 76BD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ca1922484e74570d4628e04048a148622692fbdc0096d16838353162427fc57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 76BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw0Fwoks9kL_lMhHCIYEFhRPN2Viy4bgobfHVN1he8MgcK9dIK8UpWKUVrDcIlHBCd-F-Kpq0f3qpFbmwMDKY5UQHVzHpeB3a_km5WV1o3DlwArG1FAizJca04TVJjejhphF-lTmh37jNpOyEVxWFFfE_FkRGc4JcGdWyq_tRAGg4htkWOpwKOlvOwMc7m4WAU9Alg9D8ZeJ9T8vRWdPQ8kmAr9L5jnTcGw2A2tAwkwliZmirNYP62OyhWi6fyX_AuLKktqTfIVzizhYG2-CsPaTJBc5ihG3ctLuJBx0BPb3haNmv0eoNDNzWlSGDcSazNrb29h8VVtCJ6ODCcxIDQ&sai=AMfl-YT-L027WfWdi5ZXaH15L0T_eo4vzUDReuEQ5V52KegXNGUmhqXmXZOaQS1KLK3bZ0cj3Lk--Y8oJD-g4C8i_Euf_eAsm1z6UwWYUAUf91Cv9TynjFAfc8I88XhZ7OM&sig=Cg0ArKJSzFjNMFowzLGIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:17 GMT
prebid7.19.0.js
hb.adpone.com/ Frame FA8A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cujjtcwp&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqwCvyOnGilCPHrUUrLJ3bL5T8pu96Z3nh2TlIHiNmHHqi%2FRFR%2FGfukYfTVJ4UgSATZYieVvaKxIz31Mh115Q1kOrTCC%2FA6p6KXX%2Fc4zT4ybi3vcjziYeYUte6ra5YnFhGDVvlOokQspIrU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88774bda99022-FRA
activeview
pagead2.googlesyndication.com/pcs/ Frame 3279 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiDR4gXTc-cM5y8dMZwYs6jOqCw0LwEbJzLyfYtnb_5IB7z4Qm1ZNv6t0ZJkO3AAwk9SUb8QhT35hM7Dg9RzfkEZQFuTM--i6MapdXjw_-x2g5IINR&sig=Cg0ArKJSzApiqk1jxw3jEAE&id=lidar2&mcvt=1125&p=502,1170,752,1470&mtos=1125,1125,1125,1125,1125&tos=1125,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3247586821&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671876435813&rpt=220&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161217/5905/ Frame 2E2E 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dff33f3eb71e3f0a789da7717269ffbacdd7f4337db9fe095fdade6ead5079af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 17:47:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76263
accept-ranges
bytes
content-length
62515
expires
Sun, 25 Dec 2022 07:18:20 GMT
prebid-bidstream-7.16.0.js
ads.bidstreamserver.com/js/ Frame 2E2E 		305 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
22201309f0cf063b1b586e76703ede6bd91b22b4966033b75ea753ba9202ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:17 GMT
prebid7.19.0.js
hb.adpone.com/ Frame BAFD 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=etmctaf&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Eg12TPi1GwJ%2BejhiXuBtQjxFy4mkn%2FU8I79mtq5Ts7QTnBvhQfolFwJp5YK5O5XHnrSbOJ7Jk1KqiZr00WSsyx5KIwXApn14qxj5AUmQr5Gfz%2BFk4NmoxnZb3iBHJend8dErYPAflvmtzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88774fe339022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 70D3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kwqcltffp&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ki%2FqXQYzY6VNEnle%2Bqzpe5nxwWHkVyWB4rRDu4A4A5Uvlo08cI0T63gbUTOR1TNkWFH0KDD85l%2BMJg4X2kyX6%2BCYCB8b7XRSBeUYMW%2BEJZ7seMcWuOL0Gwk2qrzA1AIpfu7%2BQ0Qbi5nIujM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887750e419022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 2C43 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hrrpjho&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=if141I8W0jQJPS8AZfQcPquHJ%2BJQ%2FhZn5NKuZtsV9Zc%2B41bJpc01PFuNNcaJiI7vMgec9hoC158Qs1yu5Kikc0FNkOWhdRPQm3VoU8W6ay9rv%2F0vE3vXLL48NgoUXZCEzxCea7zGGkirPCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887751e4e9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame E538 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rrurktyjt&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfweZ5hptYTHsymZxHflQKRpDZZ59hG%2FwQXF4%2Fro6OzIuAx%2FGchKl4Sa%2F6YgY9PBsubTPvqV4z8HuxUVKMPsvt%2F0Af3HZ%2FEqGWaJ7rYIt1je14F%2FoekZTXOR7I92CTuaCqtUpPJFm1hhyZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887752e6c9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame ABF1 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hmvbpoai&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra1M%2FODF1l5PglOa9nPx6qW2Wv8WP3qRTIdKvhmu2CjJ1Su9K9RGAJv7z8JaZvSHL2oFsTZf8P74RsibEUllyAAKOXZuw36RDPGEOeINaii32idnYCgFLOIQZNA14dQ3v5Y%2B8wdpz175yec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887753e879022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 80A3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mvlbcgh&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7%2B2Rb0vza6oyJtDOd660Kn8FA44DzI50%2FyKgq%2Bctz%2FhVCmz0a61M64aioZl4Adqjj8qAZ78oHZWfg8sG15nJus%2FLrBIFkAC782JItP4v48rgpKmubevytlgRzlZJGI9nClpLjJm9DF7hUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887753e8c9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame CE88 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tnpxzjf&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFyxQNAG4hdSE3UtF5E9WKp2r9NBlb9jPfBJBw%2FPrnT5gIApFNWATemB1d0t8s7RvqVFNkHcPrB0%2FDtUhs%2BjYAppE6PhpfJQRajOm0cda8iZzeXGNeGz5JvITcdRoz3P10JE2qZkZDaYaYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887755edd9022-FRA
qsn3xuryjc2x7qe51g26f.json
flashnetic.com/c/ Frame ECB9 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/c/qsn3xuryjc2x7qe51g26f.json
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e4cf558eb0f7a10f82e18e722ff5d2224dc8d789bc88a76f2a0f8731afef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
.kTUcTUnLLvuPFCgYwyioM4kgSpLXjY7
date
Sat, 24 Dec 2022 09:43:35 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
5742
x-cache
Hit from cloudfront
content-length
1501
last-modified
Thu, 10 Nov 2022 12:27:36 GMT
server
AmazonS3
etag
"9d56c4a1d64cc1c8205bf1103e78e8d1"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
qFH_LQ0y1lDdh-fnnsWGuNdhyLu6r7G439cvAvHReZAIq339BTEm9A==
prebid7.19.0.js
hb.adpone.com/ Frame 97A1 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rwlksmka&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN1bK4DLs0iN4LT1H3V4QOpuJYD0zGciXTXicXj6%2FiVRlhu8qxA72%2BaXggFtZJtLTDsGw5YLh09K9GLcbezoT0vFS39oMgNh5ZcCvlrGrcJ7zDJi64NO9sk1Eseje6Z50qnqD3Pfc43Vjg4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887757ef89022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 5DDA 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=glwywkm&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZY1tPL7ZM5Q4%2BRaIOR9M%2BeSaZHlunM%2F%2B1055M1ObuO4XThM4M0YSVQjQrDkMvKRsd%2FONJD5TYxVMzz77JPOu%2FL8LeAfdDIqCeFZXqHhc4g0hqM0S6UsEbj3%2BLUforie9x11TcmiatUGGHF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887757f0c9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 582D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsxkp&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMhoYw3w2uUHov8s4wJn42MTdmriK%2FLr46W6r558j2HZDvLrrQlwt%2BnfHRT2Td4FFwVLvwO8efrJgnFfH%2FAgOwQ75ALJnJer9l%2BEylYnv6%2B2HUvH6EgSb74hiE6%2BC2tRuw7sEV2B300PUgE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887758f1f9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 0189 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nhlvbl&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwTUpSsCPI8W%2Ba9uvec4mEVP7cipphspgV%2BoTKWkGRTX4ZiLHOTB8vquoaj310iaFuT8XmTVaMkh%2FxJeScfvKBZLoECGAITus6yMMTdGka36tEGa316B20utUTAVGwBtZdHUo0KiXYH%2F7DI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887758f3c9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 67EC 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fdicgvwh&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K669TkYx9Xq2tlmYaWgdoxDHyzaJ4MZiQees%2F9oHRLl5WyFQ13B%2Bm%2FqCfhonz23ej4q8crTLfOCJF9nhmx1AGzPG05J8sozqDoCN9vxCp%2B9qABLUfseK4m9s374CAO2aAjMLZIUKGvYtxs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887759f509022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame D859 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kefqmat&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flWoNDp9unGGxRAG2vdnpPivtCXS8b%2F7DQL4QzcqiK5yhY21jbLANGk15y1LcyJNdcYli5hp69djoyfdCtsOYCDiWoH6wVVzBlI2YBTnCZV5HshaN5aKNq4JXfygY%2Fef0SCe2dolAfr0au4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88775dfae9022-FRA
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161217/5905/ Frame 64CC 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dff33f3eb71e3f0a789da7717269ffbacdd7f4337db9fe095fdade6ead5079af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 17:47:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76263
accept-ranges
bytes
content-length
62515
expires
Sun, 25 Dec 2022 07:18:20 GMT
prebid-bidstream-7.16.0.js
ads.bidstreamserver.com/js/ Frame 64CC 		305 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
22201309f0cf063b1b586e76703ede6bd91b22b4966033b75ea753ba9202ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:17 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D2E8 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame D2E8 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c59dd1308c17bbea9f02896777ce23345ee0210ce6266c9ab93682951472d07a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c9985e33-41fa-499b-93e7-fabc4e1b753e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame D2E8 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=28547280460&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
shb.richaudience.com/hb/ Frame D2E8 		4 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:10 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame D2E8 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame D2E8 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame D2E8 		37 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213ef0626b854eab%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F21671350435%2C22712312433%2F300x250-forward.com%22%2C%22adunitcode%22%3A%22%2F21671350435%2C22712312433%2F300x250-forward.com%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214fb9adee77521a%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22b0c8cf26-c1dd-4da2-b659-d33d492bb7a6%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%223d63329a-5605-45a5-bdd5-fe2c5f57f77c%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ebf79364a5cbc490423beb0c71f364c65b9c023dfc608afb35c93f587830b5

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ebzIvdHDb8iyrPlhUJLNYUyHJdYdtvRZIRFuqXUcXNziW6KLkcUN5Beil1IWWVL2inAfDHVYL%2FA37IvWQk2n%2BByumx8GcwSxNQ4ugZBOqWB2ZDNFWLdbVFGHKpgcQ7q29TFB1ZW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88776cb82696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ Frame D2E8 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D2E8 		418 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.domain=forward.com&tg_i.pbadslot=%2F21671350435%2C22712312433%2F300x250-forward.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b0c8cf26-c1dd-4da2-b659-d33d492bb7a6&l_pb_bid_id=1885aeb1c553edc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8680304375254144
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f631fec40daaba78983792e7b88a2c07edfa2c90aae98bc1385b243c4e07a288

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
418
expires
Wed, 17 Sep 1975 21:32:10 GMT
truncated
/ Frame ECB9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
440393abdc3b992430164db0c67e524e273a86548d2d8338e0cedd9e54658879

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame ECB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-KmgRgF8Cn0sA_WITY6XhloAlycEfYVdu_TpQIAPMdK1_Fau9KlOu6C9wyMtI0a3CqOl56lQYInAPxm7Wp9mrF42K33Qky9DMJht5CSASXp2JSrRmhJ1Ov9nPDy_l8YzXfd6fzuvCMEYfU2BJEMShvgAjD5rEqPZje3T856smELMNH-_eVZqR6fPORtakygW3a7XFhTx1e2OPERcufSWH1tsiZq0P9Sm9nQVvt9Jg0NPbR9n0eR1cdJx7kRo3mSdlxJf6qr4uG6OtL2mOOWW4L8g9eICUMTwyJ0Zbrhix0y3IXK2DP0rHQgakwvq_6J1e4Ej3m7Ih3wbA_p6U5eW8&sai=AMfl-YSApoyFOOQC1pObIAYupymLB3U1pGNpgd3bFnpfDiw0x4iDaN_7iwb8sSTK0WtkfR7ppdXijbr8zccY5GfWSBil-P8-Src3rAZDGWMNEveInlwxzHE-cJlFhjs3W2Y&sig=Cg0ArKJSzHrnPHZhRDjCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:17 GMT
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ Frame EF10 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 10:58:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Dec 2023 10:58:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame EF10 		445 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2eec9839f427a77f6427a55e2c2f1d54b5a4620a8b30f53de1b1081f0505f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:17 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9522 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2e19e80a4f892d1c5903d382af3976c1ff321976e6dc93784c5ccdadcd2bde5e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:17 GMT
AN-X-Request-Uuid
1d870ab0-3ac6-4a22-aa46-8e9a51ad8be0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 9522 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 9522 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9522 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9522 		333 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436743&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f0ad90bb-bbe4-4fdb-8eed-3b1cd2d746b9&l_pb_bid_id=10487643c634d37&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8595974853714534
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
43701cb810e01e4ec690bc8b4847f7d6ed69568644b33ecae41043e5f865deed

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 9522 		37 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22113b40b429e68c9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436743%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436743%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212bbcfe991f24fd%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22f0ad90bb-bbe4-4fdb-8eed-3b1cd2d746b9%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%229a34b366-a8b2-4e05-ada8-c575d70756be%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ad811c256c5085c585ea0911b6adc45514ee6645506e8331f03ab7db92f23f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yoe0jPk5W0wxe5wpmG0Hfzrfp%2BvP0ZVGEmCKIkMMbmMv%2BTnS24ZYOoTCIHK8R5O9%2BERHVSP%2BGWC%2FPlt%2B4nKTdsfkmbyeD08LDget3%2BDVVEQgIpps%2BBUT9cI4vU0XWCmFQ3pbMq0b"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887771c28696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ Frame 9522 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99254878159&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FF5F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1430 / 123 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 10:07:17 GMT
prebid7.19.0.js
hb.adpone.com/ Frame FF5F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3236
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF%2BC5MFwhbVnP6RM%2FA0d%2BB28j328mPVvNE2jS32gKozsYVQnY96UjVYKyKpSjVPSBoVsa1xvyqLhq9Pmd2abDorFKv8ur9PfD5xUegdrQZWdbea9Knbm3sTBX54ESJvu3%2FdK1XtNHCQPNX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877759c89022-FRA
p.html
flashnetic.com/r/ Frame EE01 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=givah&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
e6y7pTtiBBqyAQiFUQvaEtsTP2wEl_csGr_edRRl_0uZrt6xdAQhPQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 4317 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
XYusewvZvPWKMz4oJfi7LqNNbaYvWlM7aVDnwIp-Nn4n-deIYZ-lOQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 1F1D 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=vizblti&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
VF5fdCPzQtRZrxKAAH98CCQoKon3MM2baaR0dnbjj0jUdUrWw9mk5A==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame D482 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=okdiqcd&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
_nGWyKDu3Rh1hMHdu0S_qS7U6oSUbX9eTM1eHBExoKbjt_-8amncow==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame ABE4 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=pizeyir&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
DCDfILjkZwqrxYlID7XaMC9oz9pkh6reFBpC0MJ0X2o3IAXbMnLqhg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame EE7A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=xmxoneb&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
ZnvWd16e_t0uHSFIvzi_gY3CRoUUYwB3Y1SHqHsgnmJrXr9dQ93WsQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame CFBF 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=kvhzjtyfqq&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
Ehx2JvXvrYXfxHcH8FC09xGQLFCASotJjkxZ9vYpX55NDPC-hWVoJw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 0F1D 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=efkknsne&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
g4sHyc0n3p9U9Jom7CfoeUXojY5RNsUlRc_22XNfmC7lSdBF_yIp7A==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 07B2 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=elprofvcf&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
AQAjT7SblxKifocyTiu3oErE10LxbPop11J5ZYI5qGnD3lcuHem9kA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame ECC5 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=uzafkcyj&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
qxuUnljzJ4457FI--G1n-6ifzynlYQQF0e7Ej1-73_GO4wnX2V9QFw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 2B0F 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=inlu&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
m2GgsDVSsoss7VAHbGoVRJguOOeml4jkQ18SFNkq6bTD8MzuxDsNOQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 7CDF 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=jmbcovogv&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
Kye2979wiJwZCUm5-lPWWdlCwKS5jDMqerP1v1IiFetP9SJezOy5-A==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame C3A1 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=fjuorydv&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
qkZe2Lt36KyUmRlsx7SIvq8nHpFGa-WOfTgq0PMlJlXfvfw2I6U7rQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame A88D 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=ialitks&e=1066281148413
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=4935021671876436414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16595
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
zIkq6GtNGnlyixQDwUpPCqhzIiFKckIJJgGfD_U_srvYt7RTrXKGtw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
translator
hbopenbid.pubmatic.com/ Frame 7BCB 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 7BCB 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7BCB 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 7BCB 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=56490367682&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 7BCB 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a23d624d137e1fbeb52277c02cbf9f88d92919b2dba6428a325f727f7dd01fa0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c80e2692-dd86-4ad9-8df9-aacf6a096da2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 7BCB 		37 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211ba7d4c1425a0e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436757%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436757%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212e125cff5ec9e%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%227488c04b-69f1-4942-badc-b5a677f504e4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2220ace8ce-7b99-429b-962f-9aa4bc4ff1fc%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1300faad03c461da64eef0fb97f89d435176ca7d39bde86607b71e18a64d171b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXCiP%2Fm18JaOySXG7l9nyVszFslv%2B%2BJtsYpCh4deFZFlyvxTwh7ZYA%2BIjy2N3vQy5Cjdv%2FQTYJ%2FvjTyxTuOFi5TtMeTS47nAPaRpjvLsCCpvlZI6nmCjVRC3nE%2FP7YIF2JN2YfTS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88777ad2a696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7BCB 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436757&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7488c04b-69f1-4942-badc-b5a677f504e4&l_pb_bid_id=148db481e22fcbd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3852855561037434
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b0c2f7ab4d70392be7f87a7f0145436948a7fb6e346742af6e85bc996ee5469

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E57D 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436787&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f5c0dc70-5355-492e-8638-39b821704826&l_pb_bid_id=2fee63daeb5e56&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39763732421926545
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6361b6f95b5416452f29f32c91dce442dfb8e1d697a6155eb70ab94cd71fd4b5

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E57D 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f8a6a807c8d0ba729f942638a088bdffebd096a31bd218930f8221519baa930b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
460a9414-11eb-4cfb-9ff0-aad700899ad5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame E57D 		36 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2252cc2e0fce92ae%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436787%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436787%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2263c820a5802376%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22f5c0dc70-5355-492e-8638-39b821704826%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%227b31de10-3c08-497c-94cf-9a8e39b4b8df%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec27d012f0a3f6893f3f505a56df4f86a86d4397f005d22c7f1c6006caa2773

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLhqTsCpcJWnA0DVbH9gb5UyaUBpJri%2B5hl%2BmMtFPRdoBCB%2Bi%2FHfI%2BzJR58RjDYmZc7YzmDmTSCjls%2BvzD41GBWjMvVrW2Q2ygRtwNMT58JKbS3CAMnTDPO9u0nstnP9k1VMPSw0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88777bd50696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame E57D 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=86656550475&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame E57D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame E57D 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E57D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 18D7 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 18D7 		36 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223c51df13ad4f9e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436766%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436766%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b3bd431108405%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22214cd2dc-9d26-4dbb-87ee-1777b1e1c010%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22c451a55c-eda4-4281-b4fd-498f2a5707eb%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f02ec6f3ed1c65307c993f3fadea6534e06589ee17f13d6a112168b0ae47cad2

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORu4CTVgpTp4BLB604bRAZUDvQUgeVd0EQ%2FcO%2BQUuSF81wZgA2icsQlGGz3et4DYdvkR2Y13DFsZR823oI%2BNyW23bQLvxlLX1%2F6sC1zVji44J5fWkUjS%2BwQvvkIP%2FpAZgTdFyPa7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88777cd60696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame 18D7 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=36353963722&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 18D7 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 18D7 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 18D7 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436766&tk_flint=pbjs_lite_v7.19.0&x_source.tid=214cd2dc-9d26-4dbb-87ee-1777b1e1c010&l_pb_bid_id=1252042b72d80f6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5627217677691332
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
26fdb94abd6ed18a974d4fab3e63c2aeed5c711c5cbb721e1f5a51fc877d2e01

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 18D7 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
756f849fe4de297f9dc575052319182bc97e41c46823e2c73da2ff358bdc4c46
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
edae8552-3027-4bac-9f03-7d120d27e6ce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 0273 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3a7f45ab35fd0844ea07cfc8a3ef3b5ade187f5dfd33bbb67c3d05137d30e104
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
819b8b49-b43e-49ae-8d5f-728d42f31466
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 0273 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0273 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0273 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436803&tk_flint=pbjs_lite_v7.19.0&x_source.tid=36de9cae-33ac-4fd9-ae82-0b04104e6550&l_pb_bid_id=8d37b54517bfe1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5573323541442949
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7e4cb4dffeaaee909f87f4c116cbe2b12eff881d34da9cfaea78b5ceb801aeea

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 0273 		36 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2295a32a06440c9b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436803%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436803%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c9009e80925c%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2236de9cae-33ac-4fd9-ae82-0b04104e6550%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22a6694c4c-e74a-4a50-9f9b-514a5f432708%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d0067acf20519b04574b8f28e1a9ee72525423484dee1bfa064244e207720a

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9av9DcR10YwVhSuNEskkqrlKE5BQmyOpSlffKzsYt%2BkvlQrhwqf5WXc5OFjKoOKDIX6%2FeVb4U7zNGfeWpdaCYGZmGD2yidjUUfUq64BmmJTWWLZeIB6A4JqehOyhoyj0iqCWKkSO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88777dd89696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 0273 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 0273 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=71855760559&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame CBFA 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame CBFA 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame CBFA 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
60cc3616dc74b8b0f5ce28eb07ce9eed4b0ff17afd4b649e6d9ba95549b2ec7a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fd4723ce-ed99-473a-860d-b0e5f96262a6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CBFA 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436793&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d4405653-9487-459b-a360-fdf860466f92&l_pb_bid_id=8d821eb5517795&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5521757210997948
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ce7c92e49958cc4975f58049fa4a1335bc9e5762fb6411ce5ad7382cc3c56922

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame CBFA 		36 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22979804f0afef6c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436793%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436793%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210d218dee77254e%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22d4405653-9487-459b-a360-fdf860466f92%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%221c935e01-7816-481c-9198-89e65c38a403%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1907739d0370df173c89f627b004d6d437fff000b43f5b0c051382e5b4f8695

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjOXRgNfjsRHA%2FpLpn4glzKIfNsiQhF0nSeRgppYeG5ZFQnZoR5Eq7mnou1s0OdYyDSuPQQUd7Zp%2BAq2vrpRs%2BCD%2FY20HTsZStWp7z3jnEKo%2FoktXLxYvY%2BlfATv5jriKdXXOo4B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88777eda9696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame CBFA 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame CBFA 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=83681258078&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
integrator.js
adservice.google.de/adsid/ Frame BAC3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BAC3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BAC3 		533 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3197993056563766&correlator=452230465053028&eid=31071093&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21671350435%3A22712312433%2C728x90-forward.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=617174094&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876437754&lmt=1671876437&dlt=1671876436044&idt=1047&adxs=436&adys=46&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=9kaxqmraw5gc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ref=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&top=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=23&vis=1&psz=728x90&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=550322770.1671876434&ga_sid=1671876438&ga_hid=1498049584&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc5ad420c4d7364d102d2f7043847421d86aefd5b9844bb4b583ad12e25e72a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BAC3 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cc5b1d845948a1a145098d80fa3b76d575ead1e33c61510d3c1b941e7d32fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11243
x-xss-protection
0
container.html
ed261e9d5f80ee9aeb3267a5c8ea321d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0748 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ed261e9d5f80ee9aeb3267a5c8ea321d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:17 GMT
expires
Sun, 24 Dec 2023 10:07:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
prg.smartadserver.com/prebid/ Frame A1CE 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A1CE 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436812&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b44751b0-f485-449d-bc32-7184acdfc8a4&l_pb_bid_id=4c86882f414a01&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7506525367443644
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
94b37bc283ca796419b7994cec7dc0124d3554882644fb41e3b4986a75696a69

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame A1CE 		36 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22594d937585d1f3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436812%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436812%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2263c8c56c07b9a2%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22b44751b0-f485-449d-bc32-7184acdfc8a4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22328f1268-8a05-48f7-afe8-f3a223b7f0b4%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf20ed934ffefe7efdf6b839a3b245a31a6f998b5726bc90249c0ca58083e264

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhkdHEb61UzhaF%2FhC9TWu4oLRltmMDR6xsHMnJ%2BrObf3qauJCRIjyF2OZ0ei5jEMBlQpet0DYk9qt5tH%2FUdjcz0SyWmrwmfnYWu99uasPpAJmwV%2FjSmZMgTtyOEvYULOP84Apd%2FB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887782e11696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame A1CE 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=92854899344&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame A1CE 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
67b412d761e1665a91321d69841b1b87d9b6ba478726a5342dbf1c5393518ff8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8f5ed198-a1b0-4722-be4a-a2f1b53292c7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A1CE 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame A1CE 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0679 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 0679 		36 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2234f79c0e028bc8%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436818%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436818%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245c32b905f79d8%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223248bdf0-d7a2-4d89-81e6-8c8a2a23c0a8%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%228612f56e-0598-404e-996b-b9eed1c1a364%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87b363dd81e5dca741da3dff3a57878ff5af6285b96dc7c981030b2e8437abf

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Usdqd131dIIk3Za4bnUOQfq%2BixI0qbpEtC6yTez3mK2bdkfaC04ehljdRALwoQ2FVvkUh0rI1LQDLw6icERZc1P8JLEPv1IyhSVJ6hOCx5uIH5P0NdLDCtkKG8xaacX2nHkWXpx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887783e31696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 0679 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
dc940d8274a6e840bb2d7f77e95f97a1772e5402cf5ad680e669836677d83875
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c66951db-b861-414c-b406-12563c36a4f6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 0679 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99597457120&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 0679 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0679 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436818&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3248bdf0-d7a2-4d89-81e6-8c8a2a23c0a8&l_pb_bid_id=12b0702306ae6d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46963031119838217
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7cc6e8d6415c6a0cbcb61317855b4bc3d4eda8ef94ac0a90014c18012d1707db

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 0679 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 33ED 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 33ED 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 33ED 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 33ED 		36 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22779ef088239dff%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436842%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436842%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2288efed68c97551%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22433df558-6c92-4760-b6f5-e457066eb5f3%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%220b6746f6-7ec9-4190-b3e6-349d98d6d54f%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0c1d0414b88172fe70c50392d0cf4b65f86aaa3295b37e65ec7a402a54ff6b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtpIqGz9Bcz2WJASlfkdP5Ake6u0eHUdHYPqZSnFj8S3vXxwcGpqaoDGmST6dwmVadHQnKXRRLX45LobiiLb07gi4QgYCTqc0jbcHldFIQeCJhpMceaZd8wqfDn9je9xeRbjkLl0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887784e63696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame 33ED 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=69764501887&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 33ED 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436842&tk_flint=pbjs_lite_v7.19.0&x_source.tid=433df558-6c92-4760-b6f5-e457066eb5f3&l_pb_bid_id=125a97842549747&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9685712080195101
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fc3fc4a973822fd76b4d11a520d5c0cc3ff880413636d272d8c315103b586780

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 33ED 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
412ea8d5c603ad4d161f63db7f1749af0bb50e71bd881ab81183bca25ac1e14a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
516eb503-9bad-4ab7-9a8e-34776780e3c9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 6F22 		36 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221cc07f610e1988%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436891%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436891%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221625e7e836bbd%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%226569dc2a-4e91-4a55-9b78-1c682453e1fa%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22cfade379-41d0-4a61-87e0-4a408bcdcb1f%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4cc74daf033daee334cbc4af1ced69eed994e614c518563ec334882d8c8fd4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COIoa8%2BuyrPgwjHg7dtHJuWh1OAfFEG49dRU%2FAY4U%2FZu0aZrVJhK%2FLU15qmZ94foHWU8PcbcJ6US%2BQb4AudQPtEerOoemlh5%2FKT%2BD9UMoph2KXBH9%2F6fViznGhesWNPdpYJbyN0A"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887786e8c696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 6F22 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6F22 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6F22 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436891&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6569dc2a-4e91-4a55-9b78-1c682453e1fa&l_pb_bid_id=8ceb946a281ce4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09358911923732371
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
86d2d9705fb6cc6d565566f3b169b4a06cfc0ddb8f38821a57a9bdb76576c6f6

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6F22 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9e8e86196a2265fc48c1d25c4a27a548ae3ef8393615d0b3e4c9762ae985a2a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3640b64f-66e6-4e7b-9904-8e3fe3a60bdb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 6F22 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 6F22 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=30606588653&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3332 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436864&tk_flint=pbjs_lite_v7.19.0&x_source.tid=33e0d6d9-aca9-409c-afa1-cef8e2f27bc1&l_pb_bid_id=2018749378fee6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9970098929755846
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bb4c5d88b7be505fb91da7ef774defc6b3a7cd41a1398e055d6e943d88101072

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3332 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 3332 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 3332 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2274698bff037f3e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436864%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436864%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228de7370d08f226%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2233e0d6d9-aca9-409c-afa1-cef8e2f27bc1%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2291567e39-c03e-4c1c-a2f2-16c73b517d27%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5c23bdfa030a3e073362299002a2df3e8998a6ce9bde9d7aba4f5813100d83

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxPOTeVTfN5%2Bm1wv46sVRiEFUeqzdkVMpH3bFgyWrHb%2FFoWTj35N%2FG2JFQqC2o5BBQbe6Jhp621WW%2Fr7pfXuECZ1yPosmCIXRVPqVsx48ssEtfJqZcfn9QMPSHDShEzVje87bRma"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887786ea7696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame 3332 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=46726794608&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 3332 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3bb1ab9cdfef8b9d69d8ad662a640ba80c0ea97a14a7ea5393eac7f8b12ab295
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7b39bc41-b138-401e-bc6a-c92c6d452fa7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3332 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 1EF1 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 1EF1 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 1EF1 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f00174244aafd9e0a4b5cb766508ad72720616f62cc24c3988815377a3b35384
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
df84e93d-8556-40de-bc54-3714ec75e2c3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1EF1 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1EF1 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436899&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3a5a0761-1f83-4a86-8ef3-53e14696a50a&l_pb_bid_id=1038d2d0e367aa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2321751547203117
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
36199c804cec38012939e9c168f79c0914ce5a46143dd64cdc4a25a906f2f094

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 1EF1 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221120e6d2f2f9c85%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436899%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436899%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212d609a59c7b573%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223a5a0761-1f83-4a86-8ef3-53e14696a50a%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22dbb07468-a039-4e10-987a-cbbd9191b0d3%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915bd3f1553df215eac97634eef5c277cd1031d103ec7f57d6eaf2031a206d2b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTVaKsyrlbZej7gFUIqPHBTcile47WXf%2FOZ79YE1Kf513YXwiUYJooajzCYkEQ1mTzOeVGWF%2BJMP5H86gjLuQ%2B%2FKBRNnVyWJenlZ9qfWrPYpJxU2P0ArLYXO94fGgalxw%2FgagbGu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887787ed9696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ Frame 1EF1 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=24845881058&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 697C 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 697C 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=46011253051&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 697C 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
afd077c72975aec1e5d7caf213ab30db50896cf151f3c39b0a53f2d0de6be009
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c6fed3c9-f85b-4f7a-9b8b-2f88c082e622
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 697C 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436907&tk_flint=pbjs_lite_v7.19.0&x_source.tid=790fb0af-141d-46b4-8dd6-4a13fdf21157&l_pb_bid_id=8dcf9c04c8f195&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04233852125299342
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
03f70bf0dab02aad875956eef96d9594ab116583727584308194ab3a273b3b76

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 697C 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 697C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 697C 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213ef41d6fecb479%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436907%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436907%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22143d0d39487915b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22790fb0af-141d-46b4-8dd6-4a13fdf21157%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2248a63235-1dca-4042-ae57-f3904b2f802d%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe8be1982582fe053637e240873926c172046c5eacb42a60aff01c88ed8ead81

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFhn0Vsn9H%2Fmtp%2BykUD0gyUw5rpuVdaxNwoaUor%2BVyvcbHf%2BqMbt43%2BlbngTYDzpEMlnLQzomowfTSzT9DpMcYd2YpEnCnga8ZtZIkdStxPNclfgTHdoE6%2F%2F1lMpPinDegey6mw8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887788efa696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame ED48 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876436915&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5531c1d6-6627-4916-9a2f-5fa119a5b3e3&l_pb_bid_id=28d10591dd8b56&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.48348138663569173
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
04cb046adb303a8605d1737a22459ca2ac8bf30b0ad60596b2b13dad818727b4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame ED48 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame ED48 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
02982efdcf334d8bbc985c063473b6e4e58d2b02a0a56e3d25350a5de1ae8bfd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
515089f6-a319-42fd-bbbe-b4f16daa7015
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame ED48 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame ED48 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=637620665&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame ED48 		37 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22119e36dc17173ad%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876436915%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876436915%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22126bc9b7fe6a3e5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%225531c1d6-6627-4916-9a2f-5fa119a5b3e3%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22609f309e-8b6c-4e24-992b-3855d53d2041%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c994379ed714e7259c69a12df6c3d8832e7ad573f05aba95b2dd3e37898ca6a

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlcpD%2BlDuw%2FuUHF%2BODA4fh4vl7RIc%2BiKae%2BK%2BOk9QzHysfzt11e32f%2Bxgb3cVuK3gSkvOp6dFLB%2BhU4QJqaxLbHvfAs%2B04kc1AM81djjoZYvAKLn1aZ5JmW8COtIijVw2kaIUlmP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887789f1f696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame ED48 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161217/5905/ Frame B945 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dff33f3eb71e3f0a789da7717269ffbacdd7f4337db9fe095fdade6ead5079af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 17:47:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76263
accept-ranges
bytes
content-length
62515
expires
Sun, 25 Dec 2022 07:18:20 GMT
prebid-bidstream-7.16.0.js
ads.bidstreamserver.com/js/ Frame B945 		305 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
22201309f0cf063b1b586e76703ede6bd91b22b4966033b75ea753ba9202ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:17 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161217/5905/ Frame 2249 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dff33f3eb71e3f0a789da7717269ffbacdd7f4337db9fe095fdade6ead5079af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 17:47:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76263
accept-ranges
bytes
content-length
62515
expires
Sun, 25 Dec 2022 07:18:20 GMT
prebid-bidstream-7.16.0.js
ads.bidstreamserver.com/js/ Frame 2249 		305 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
22201309f0cf063b1b586e76703ede6bd91b22b4966033b75ea753ba9202ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:17 GMT
/
id.forward.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.forward.com/?maxAge=2628000
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
cf-ray
77e88779fc732bf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2670 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27544
x-xss-protection
0
server
sffe
etag
"1430 / 384 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 10:07:18 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 2670 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3dljTQMeZpSFcfGy4EzWov9OykAdDZDKuIFP5VLkw1yBZ%2FK0UQYhw91Hr4sTS64f7LHBTxPcsan7OsdbC4SoOyS6awOW0qHo%2BV5BzYz6cNhgoiZ8p%2FNcY%2FK32QcpGkxrjfh6p5i50Z6Fw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877a0d909022-FRA
p.html
flashnetic.com/r/ Frame 230D 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=zzjahlbgrgl&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
xCjqE55PkuTe5GUvVhcZdmreCjO3Pqv4bFtgUY-YW7c6x4Guzw14Lg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 9AAD 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=owjeetsg&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
rWTVLCcYBe_u_KvCWqcserq1hjJTL2XHzKsUOXZsuvCmIXL1-IbUCw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame A40E 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=bczvkhbc&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
WLaqQzZ4_RIoWu1YzcQ_bG8mxUAQXSYQbZ_6L-H27RwDvNjRpNhGkQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame E491 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=virowxpvm&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
wrQHKkS6RNfCkTMU99x_c4dNdvHhqUsS94LbsOCbdHwYQw7eKpZRIg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame CFEF 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=fcpruxcdav&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
P9brCJDG4bWnsDjZtUP8Lqz-7gyG8_r8-DYuxKtTn9obKlqwQVmrdQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame EA12 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=pnscqapml&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
1Ry0SDVvtEmdRplnzuCVt4-8pOcIDMVFdun9Q1o-n8q7VPte9cO6VA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 055A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=wslqjeso&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
Qx2UvdwSnJOPL0VOlUF1whgAxtipeCdUeqwlcS6fvimaTHs7F297gQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame C47E 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=rvrghwgt&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
oqQ4EIoCp0BRnmkWMqifyEMJ7FwlbkKUPSpgnKbJe_EIsgvpKtZerQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 3A43 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=esmtyaf&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
vMMUTXAhrR4fTcTm7410J6v5KZ4iAaDaiHW1sI56X_KQ6lR5wfJusw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 0176 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=ihyiflzn&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
OeFaru3ERjhedXobALJgw9htOa3A6VvG-IQQTvXfiWZ4U_9Ad0yUgg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 7A82 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=wgbkvtvn&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
2wGB1sp55yyWU3DZwxGGN3A1F9YFDEo0BgWWBhjQI0JQyOHco6Omvw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 018F 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=gvclp&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
1T27jN-AmZ0nciO3jL6a7SlVuWwHj10hexRWUGwdeuRl5dVhgdCgng==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame A59C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=rdflkmkh&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
EmflNW4EI0Ak1MjypvW0KUCHNIAPECfAYZpvSllK1Idh6l8VSXNIww==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame A690 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=zltxliabk&e=1895969627920
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=bwmk952m28utzo2jabvdh&cb=6396901671876436617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
yLrTpPRTWLWs4Y7lsb6Zu4YEWIa1bRcP8CPdn90UcChXZ8KuMwXSWg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
collect
n.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:17 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
prebid7.19.0.js
hb.adpone.com/ Frame 0075 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pjbsvsf&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcKlTn%2FhxAYWqPdpzn4y7Xdes9OvfH%2FKF7Aden9FoNQ2TmHwaUrnHvBsICzt%2Bw%2BGyZS8k3YVwg%2B1dnjMVV%2F9AJlXDiLk92n4U5KsWSZUPfIxwg%2FtU0AC%2F24IViTX58t%2FM%2FQYV%2BzpMCS8GIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877a5deb9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame FB2B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4WPKReYegJGMsRh62nejoH%2FxXBc%2BmPTNg5TcWBbl4BPIhJ5j4VUtX6ZwFs0hYxGvyDHbn5UfB7P2GE%2Fdznv%2Fa1RlPEqmYEcgZFPi2Zr%2F32xJJVzwwDqTrgqkMQ94CWxor%2Bv%2BBGVKzHied8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877a6dfd9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 426A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVnC53Q7fxtoV0%2Bz%2FeA%2F0%2FOOrwHsBNWqZSUhPUBUOymUMqk78lCNPO83n1pS%2FuEI%2FUSdA95%2BZ8j7nyec%2BV0M5hwX3xijMtX4yAOogX9nsVJLpzZlROzGdMpDiFM87fBseEejwfEHerNb%2B1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877a8e159022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A5F9 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rvhpjgub&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9c3NgwXelpAH4uTSQyh8dPDzpj%2FgGXdGGsZ0mRlH4HIkI80Xcwp4aSpczXXyf3nYgfjFWh%2FvE4nMj%2B6XZ7Z%2BkiX3x5WSVtC1TGM8AVr2sokFRD5gxyRWIZVPz1fAP%2BjP9%2FAqkak9tsXx8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877aae409022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame C7D0 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B7r3w9eHFT2LAYhNL15uI9f0QnFXmVdAXunNZlNueSXTVV0iwzkZDO9HPKKDmoXbRASv84T3kIw3LOe%2FWSANRpwcLx4v6Y%2BDRHD1uiixZLVvvZbDIvml29z7N59R8iseQkjM8NuwWPeLUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877aae429022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 3A2F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=jxkpnhr&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srTA%2FbwSxp7i1CDdu4L6ypNZckpGT4dBqaTcsyXyLzx69jeJA2L17wLvIQOfi3aUxChDybVkPKNBPPGZe76IrtCjXaFBfvMuNhunLUIULfLY62BU0OaVMrFDbeddX9AE1ZGj36fyxE9QLt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877abe669022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame D1D0 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nkjzjgi&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2qySheoblK%2FztQvQNPCdiG10T1qxWD4VxBdX1n0WUYA9Xz6iLjHYrW6nVNbCK0pYA%2BxJBIwxcmrrEHe%2BuCKzhXJQBlJtp4Wr%2FPyPNBR5Ud7XvB1aexX9P0szBMOXod2sG50rkhxBIsXvwc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877ace7b9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 5373 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pqhllppa&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baYI7LUMSo1CZZupnTGamOaqZSSgsoEcjY2NWzV1lyniqfUF4fMErrHiNIyJIG6Cr3iLQuAKiVVfkTfsP2ZJtIrIxqDzWQbFYYiiFM5jWbgqtCTplTolVMbwY4JBfSszDEvMJskjzb4hD04%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877aeebf9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 2838 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=awtdrmcdqn&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuHX%2BY6VoGMbvXnAc5DbVR%2Fwpabaa18m6QQMHSgFRatSThnukthMIHMaXBQL%2F8e442JWLfaUuWaapb0Z4cOXJXb179qZJpeKEyp1lk3tKO2OK5NanWBv%2F%2FPnWD31vevwvgF%2FbozpdNnsLmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877aeec19022-FRA
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		73 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=6Z1jcPLepu&tbc=%7Bkpex%7DmohQ7mqB70oQ5RI43JrcxU7_mV_3pnnJt_Vj-jM2cAf2c_zu6T9n1wff9qqX2t_O&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jsonp8725
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d5fad76fe84403d6b861f22034bf5dc785fdae33928670c932341e8dbe4cb7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-95-209
server
cloudflare
content-type
application/javascript
server-time
0.004
p3p
CP="NON DSP COR OUR IND"
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
77e8877afbc39225-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
M644enrrlP5
prebid7.19.0.js
hb.adpone.com/ Frame 975C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cltyrs&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezqqa%2F9ZKFi82nrOg3q7RrROpSwYaXzFkv7nFY%2FnMARr8ZUG7uxbB%2FiIbPmXMKNZMXAPswpxki81PeSwHZNx6k2pQAzBZxXAxchxstFQdK95sUQXrSpLTe%2F7%2FlyJ6FSESNDz7Pf4B4bwn7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877b0ee09022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame BD25 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hnhz&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TAXdVKMy%2BKmVANuX1fsEOzv%2BL7ECwNSWFJAkz5v1GEkll4ApRqUqmIHex9dC0tNAR3ZWpYdMreQsUwCMtYfhVAlBZJ10OBZBtyxNXBQbGWa2oCqZzgWDPMfnH31WvDDplDKTFw9aVctkUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877b0eec9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame DC41 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zistsjmioy&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK8lAwS54L7%2FIoYwzYgxs8KK63w%2BCUapYvPgNpuZ6DFCBX2m%2Fu62WM0qRj3QRCcaNbA%2B45OdjKbqMadExOJ63ZHbR%2F8yE6DSG%2FBEbRS%2BQsRTdrJsiQgcG7n8AJAnxaUPHorSjoOGlBvo0FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877b1eff9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame C27A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nlrgpoa&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMNU086jTqqnl7zbpSnhkLIRQnslX1yl273kzBzKxZyLH0Yy7yHbkZWFhnxN2x5Aaq1RL1mgdPxNkazzzZjnukvrt19HmiohLUVKHujASsE%2B809e8idqrWmoBJV4%2FznimUufS%2F2vo2uxJQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877b2f129022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 8D61 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lrvtjrcm&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nK0JZ1Ch6DJwxkMD62Yvi0V1Jzu6ArqiaH6bv5QzmeXr2XFXq6JvIp%2Bgr0fSx7HmmhVoqVxf7f7NHT2y5zjI9dsBjWThuJATBk7XRhF4lkvP4dK%2FHPXVTMquRTqETozT1XqBhekNd4pncmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877b3f249022-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4B98 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1430 / 359 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 10:07:18 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 4B98 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3237
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQIb4u4McAPd8EgrkV8z3FUoNF3ryEVdWplD2MwEfkphOq%2FUuqmKxbEIA6E2AmwTkxNYSMhgxLifx5%2B%2BYTQqJUr2m4c4ExGgjVdBMuSLxhGy5fAbGsU2FmpvFcvsBxch%2FNxmonNYG%2FzfkWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8877b9f9c9022-FRA
p.html
flashnetic.com/r/ Frame 8F0C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=lnjwvpico&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
M0bylt9tB74DxF8ExQ0UxbTzufRE60Nbduec69bn63gK-PXA4ttxUQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame DA0F 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=sjduzs&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
vQxrdxHNmQwYRwMCP_j_0yZuYj1w5xCGKuqpwczOLD-ZF2rejqWbKw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 9A73 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=gpghfnc&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
BfKQd3cu48tg6Mvj7JFUoPMOg2mwXjaBb94BG3AdLEtXPLIXjSKqUg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 6F27 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=gfgafyhya&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
izm_0jvY1bRzPSftBGEKy5vJFXzGrArAxqQwUGw7iVKEwPfOEbzWbg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 859C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=fvvbvws&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
O1BBvH5xLcwAMGNQuBUhOOAGf1qz9thUqXbUt4JaSzdpJVA8a8aX8w==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 1CA3 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=auwgldnwcs&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
FADVA4Q8gSvcazQX3mQqmOHiwBOS7eZ0PcIX7oSbNlwbX4cRDKBGgg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame D2ED 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=ywmfdyn&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
uD3MiKO0RckM-C6Ar3GbmzIghkhkCgKmnuaSPr7s0cH7J-S9izuMrw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame D911 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=dodgrpmnji&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
HTgRMcrosnWDXeGM4LPoiZJmUzU_Q1NHOiXmkTg2xv5o4yZxiR0EHA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 46F5 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=bqyzrqb&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
6d-HHIElTp-Y9dGFC4qqaJVo1tahV3SrLYknuSiT9K8aRtwTgJdbog==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 1715 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=tluzouto&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
ISP0I6DGurpU0Dy9za9QbfTqeUCR44gGr31ovfjpzI02uOynPLekbQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame A4F6 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=amszaskej&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
L2qoO78S7kzafHdEkk6n1ckCgH3DzXErK1FESL0k1h8pJF4i4BhiSQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 514D 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=fatbtylgv&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
F61q4kG87pKOytK_rtnpfh7AUatjrCYpTpZ52G3pY1byqJBjP7x_oQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame A6B6 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=yvopv&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
4qQl5MZFYASCYeI1zixI__aOnhz2JMS_xCSEdmdU4ePk-MwV7kPaUg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 964E 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=gfmenxv&e=1828802515028
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=qsn3xuryjc2x7qe51g26f&cb=9239331671876436783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16596
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 05:51:26 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-id
x7VF9lhEPgSeIPEg6Gfb1a5gdifweLnA4WZ3dr4rQ6NTg2Re1wrRNw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
cdb
bidder.criteo.com/ Frame EF10 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12757973230&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame EF10 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame EF10 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF10 		416 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.domain=forward.com&tg_i.pbadslot=%2F21671350435%2C22712312433%2F728x90-forward.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7defa50e-3309-42ac-9f49-b6aebe8a4ce1&l_pb_bid_id=842f2bff3ecf96&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8845059744490298
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8c7c6f728ef929603d2ad3bc4b730af160b960e687535b01dbabba9cb3de965e

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EF10 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e9cea8579218a86c480046ead325e6eb6732703ba2e5e1c71167d8e5b140747d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
faa8e0fb-e89b-4c75-8c72-65b2131c35c9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame EF10 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame EF10 		37 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213c22c57e210108%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F21671350435%2C22712312433%2F728x90-forward.com%22%2C%22adunitcode%22%3A%22%2F21671350435%2C22712312433%2F728x90-forward.com%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22144474ee6c18e0b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%227defa50e-3309-42ac-9f49-b6aebe8a4ce1%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2240ef6641-d6d4-49d0-a441-762204587be0%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fa1a8b37036a567e96575f2ea67f8b43963284b7531d9fe6ffeb6683fc319d

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Crf%2FdU6RHzgyyHKOvMT0y2BlOqqrfnLIgMN3VJ%2Bfx65Hz87XUYNmNRCBdf5dsWJpZROqsJrWD%2FgVyDTS%2BVASjh3ZEtDyMNSTzWlJCmNj2Mamv%2F8SBZY9YNY6PuP%2B%2FlkZ6fCVpKHj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877c4e01696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
/
shb.richaudience.com/hb/ Frame EF10 		4 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:11 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ Frame D2E8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D2E8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D2E8 		535 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260371538822129&correlator=667012769173218&eid=31070872%2C31071151%2C31071257&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=21671350435%3A22712312433%2C300x250-forward.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3815971526&sfv=1-0-40&fsfs=1&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D1962d1953b81711%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D1962d1953b81711%26hb_bidder%3Dappnexus&eri=1&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876438539&lmt=1671876438&dlt=1671876436448&idt=1394&adxs=1170&adys=502&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=remt2cdxm87o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ref=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&top=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=550322770.1671876434&ga_sid=1671876439&ga_hid=598950586&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2c606c7d8cc515ed60f97d7cd0af77a08292fd25fec7620fe41da90a87cfc58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D2E8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce0d3fde38c6245898151124b75d34e174f0deedee014935b6816ac790648582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11160
x-xss-protection
0
container.html
cc7252416ebc341fc31d3df3ea1fddde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FCF7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cc7252416ebc341fc31d3df3ea1fddde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:18 GMT
expires
Sun, 24 Dec 2023 10:07:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
prg.smartadserver.com/prebid/ Frame FA8A 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame FA8A 		36 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223f8a6b5ab262f2%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437216%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437216%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22481d2c5c2fb10b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223956a344-078f-49a1-af7d-c7eaa1582b31%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%221a713dc2-fb7b-49ea-999b-08d7c574ab82%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46760eb4ea87406817c825a03c2bddbba6c24e92d3c7c59b1d31ffd73eb0d999

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKTAl%2B3sG8MLDudTR23FdtSHxwD3u%2FtIHKuA4E3WHiyOqsEGvFjG0LiQgSYlLvqPvjZXsOdatW2Zt0MGFU0uvDigU5jQHbT4iZTK6lZwu%2F4f0HCiD8mfhA9IIw9aWDtNoIYI2FJI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877d2f7d696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame FA8A 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=4003185380&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame FA8A 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame FA8A 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame FA8A 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cd407b197e84ddc85d04cbdc8698ec8409c8d43d63280628212def1a1a2d8f36
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
22255713-e2db-4bd5-b9d6-ac3d864311ea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame FA8A 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FA8A 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437216&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3956a344-078f-49a1-af7d-c7eaa1582b31&l_pb_bid_id=1630ea21a5434f9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7307594426796893
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0274dd1065a1105c3483fc97ee598a26f73dd505a951c41f82170217e59e688e

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame BAFD 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame BAFD 		36 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223b2071c09aef0b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437264%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437264%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b24cb66e28494%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2236483935-6a8a-4921-b0c3-79faf8cda1f9%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22160da89b-24fd-42e6-b93f-fc13a393c68b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85690145b835d853f0264f6b9bf387e3ee7ec68f7c1d5e524c75380a7f9b39a

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO9rNNJI%2FEszanzesyR2wUX7IRtwdCNT1tZqvwfxQr9Yw5ycxyhEaloROTJwH96oitqSEn6D3QBIGtegxXocxUVYenIc63dnjbJEJScXrG0TCuWb7lMQS3kBx2F%2Bak7a8rMZe%2BsY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877d4fbd696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame BAFD 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame BAFD 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame BAFD 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BAFD 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437264&tk_flint=pbjs_lite_v7.19.0&x_source.tid=36483935-6a8a-4921-b0c3-79faf8cda1f9&l_pb_bid_id=1296ff6e300e797&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5558324575258826
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f2c78d36462be878665cabca12bd7988303bb7c94adcfdb8cd89c35acc3ee604

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame BAFD 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=60357367663&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame BAFD 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
88df495d2870237dc349ee5088ccb1a07fd41aab7d87ece8070eb6af1cf0d831
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5e8d594b-978f-486f-b1d1-60f361c060bd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 70D3 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 70D3 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 70D3 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 70D3 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c67e2608ed000b3b8a81f9d432794bc8d74eb4632744707398fb798786079976
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1e7c9425-ca7f-41ff-b370-356b08adfc03
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 70D3 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437270&tk_flint=pbjs_lite_v7.19.0&x_source.tid=74674b13-092f-4b18-a61a-070c849a7b02&l_pb_bid_id=10a9a0268f1652b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4134009620875827
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a8c641f2a1362a1f5cf7c0eb8bec9cf449dd30be15024437028a411181c3714

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 70D3 		37 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221134e79bc81fdb6%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437270%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437270%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221298283e0adf9bc%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2274674b13-092f-4b18-a61a-070c849a7b02%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22a154c623-923b-4a1f-b8bc-34bdd16c9358%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870cc9936a4300547274e9d9d467443a4864e658d019fc8e255bbdb3847c787b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIwSMOzLaS0Sc%2FZUB06YBWY6GcGCkOKzHEVvB0rOCJC%2BVSdr5WmXRtIgZa5RhgjvPDXdfZcBX91DDb%2F3cD8cJfhBeUTGGsCalme0NwThhfHYs9nxVOJyVSLFZ1kQmK5dDOOLboxx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877d5fd5696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame 70D3 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 70D3 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93588798607&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2C43 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 2C43 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
563252b19a0331ca514348a767e7108b4afcfa867e2fa1b4216ec85888b9cb99
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9ce13fe9-4405-4126-b9c0-f66f8f0d961e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2C43 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437278&tk_flint=pbjs_lite_v7.19.0&x_source.tid=db994d99-6860-4b64-8d3b-6804d1fdddd1&l_pb_bid_id=635f4f14f800d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5124408704813477
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cb48f2ee608a60568c48b9b4faf07d9ba33f7ff73aa6b686c8dfc786a5f8f33f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 2C43 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 2C43 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229e1803ecc02b39%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437278%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437278%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221078938e2a5a8ec%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22db994d99-6860-4b64-8d3b-6804d1fdddd1%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2274310222-8481-4349-9449-0cffdef6e0fe%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df4448f376b3bee61ad729d7d66ff4c8195d2485b70da18533ec88aa4370d83

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZAhSJ7JXQ4TY1A%2BXLbe5DoEOfbrYjbkLGEoWKtYdNFzSMResL5CJFQQxYy022OmJHms3y6sZvxtbuDJ%2Bazg4tBIR0FFM%2B54M3%2Bsm5LQM4jyGbdykokpPBo6ipJVXm9UyVYp2aKb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877d6fe0696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame 2C43 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 2C43 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 2C43 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=10913822414&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 80A3 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 80A3 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
86a5a69041af995d6fdadf1c773f46763bdff3bdfe79b1b02687f1b2aa49ab5e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
4214d80a-3ec4-484c-a4e7-0e0744dd701a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 80A3 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=36983035313&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame 80A3 		36 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227736508a4f1238%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437300%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437300%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2285f7d358b926ea%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%221dcd6ca2-bd70-4bf5-948c-bda0a59a859d%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%226d6e9c4c-de3a-467d-8eca-1e422eb8293d%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f3067e64c97b54389305e82632b421dd52e76e9f714d647ee957fd6f5e5aa8

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvBsxFVloTmuAIXgAlo3Ao3rff8y6JXoHoLhj8EzELP7%2BKeIc6y5WhRgi0pCnNpEM4Y6isk70e5CEXv49Mj0%2FUO9cifwVavx86Eb%2FHsNxrJ5JOfnl0cWqK2gvzYzhYTt0py5mkh0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877d9823696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 80A3 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 80A3 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 80A3 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 80A3 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437300&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1dcd6ca2-bd70-4bf5-948c-bda0a59a859d&l_pb_bid_id=16a04fdef4b5293&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9990680222990571
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ab1ecb7ddf548561c97e2f94fa9f65ee6d5e4a981b24313899c9428882a872c4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame E538 		36 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221679e83273bb16%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437287%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437287%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222d0c724c002424%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22375fa49e-a496-4e68-ad4b-fdfd371b848d%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22aa18c8d6-19fa-456f-bf61-ccb3d0ea937b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31119b4b06eb530eac274392f79ae6466767133daf2a87b8e8fd1bf4c3016de4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6dX6cMmoSs66Jl7r4goz0MeZI7FF2069Em1M45ti4zwmTYVCGCUZtjOK4ImBsCHD%2F%2B2YwUV9n1d4jSraWqm5y%2BWnR0GDv%2Ba%2Fjt8%2B8GCLcNZNZWbD9OIwuqIYNqe%2B32SGebxk6vW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877d9835696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame E538 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame E538 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E538 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437287&tk_flint=pbjs_lite_v7.19.0&x_source.tid=375fa49e-a496-4e68-ad4b-fdfd371b848d&l_pb_bid_id=860fa04e33e92&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8300656468133676
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0a22c7a3972200583310067420eae4d71d33555c5147842274438b9041f1da1e

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E538 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef9d9f668ea392cd35222ee8646f199ea00d75c6b3d6bd8556d75dfb4b1431b2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c610c6d9-19f8-40cf-b7c4-fb920c964696
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame E538 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame E538 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=71369279587&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E538 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame ABF1 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437294&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f2ca71c3-d239-4adf-b7ae-887b7330dc2c&l_pb_bid_id=2a7ee61d5ce2e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8060101523612004
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ec3013120366bcf6abaa46fb6efd035155af915f66b39d4c3038e168b4aa4e9c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame ABF1 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame ABF1 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
17c922df60732a06a12a21ca7e28c85415e8ba97ef4d3f86b8641f3ec648763a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
149a4c11-abc9-488e-86a5-88409c479531
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame ABF1 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame ABF1 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame ABF1 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=97550206728&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame ABF1 		37 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221335e04a1af7579%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437294%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437294%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221483685bfc01794%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22f2ca71c3-d239-4adf-b7ae-887b7330dc2c%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%221f6b75c0-28ff-4512-813e-4735239b769b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab2d05e1694204118cb7f82041febdef8096a1513197183923c6c09d84f97e5d

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXjjVtzM6ujMUQmTnJqMi0xcJVNRguaet7sxfdUXhRVzgg2xeYbdtn2ohQb%2FJ7m3k%2F7ET9%2B%2FuHwbGm8%2BcVUkMJOhs0S%2F5RYdnG2VtiRtnOmQnU7RXUZP5aBA9L%2FPGzB9ocPIYH8B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877de8ab696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame ABF1 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adition.js
imagesrv.adition.com/js/ Frame 3444 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 3444 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787253&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=728x90&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=4295564537913537761&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)406782912[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8_Rxz1wmt_5D_H155ZEqDqP-H0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD_AjJo5YaEMCH_MEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
8423b80cb2eb252348fb441a9ee4b1f4976932426dafc8d17b6ac33f91d47a86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:18 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 3444 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575125
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220054-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.925892,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1295410
it
fra1-ib.adnxs.com/ Frame 3444 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLQCvSsAlAFAAADANYABQEI1Z6bnQYQ4ennwIOmus47GI2vuKqTme6aVio2CSh6igZ9OeA_EVWIjIk1-9g_GQAAAIA9Cu8_IUcc9cJrf-Q_KcfXnlkSoOo_MQAAAEDhepQ_MJeHhQw4mFBAsAlIAlDAh_zBAViezX9gAGix8pcBeOjQBIABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDk4MTE3MCwgMCk7dWYoJ2knLCA3ODgyNzMwLCAwKTt1ZignZycsIDE5ODg1NjI1LCAwKTt1ZigncycsIDI4MDg5MDY1OSwgMCk7dWYoJ3InLCA0MDY3ODI5MTIsIDApO5ICtQQha21qUzNRakpvNVlhRU1DSF9NRUJHQUFnbnMxX01BQTRBRUFBU0xBSlVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JKeHhCdnRjVzZUX0JBYlZjLUxJUG9Pb195UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWVxUDRRUDFBYmkyU0QtWUFnQ2dBZ0cxQWdBQUFBQzlBZ0FBQUFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NEludDJ4SnhBQkdBSXRBQURBUUtJRERnaWUzYkVuRUFzWUFpMEFBTUJBdWdNSlJsSkJNVG8xTnpjMzRBT0lNSUFFMWVUd0NZZ0UzdVR3Q1pBRUFKZ0VBY0VFQUFBQUFBQUFBQURKQkFBQUFBQUFBQUFBMkFRQThRUUFBQUFBQUFBQUFJZ0ZrUzJZQmFPYS1JVUJxUVZJTXhaTlp5ZnVQN0VGQUFBQUFBQUFBQURCQlEFUVBBQUJoQXlRVUFBQUNnNUxuQVA5RUYNGhhBQUFEWkJRAQjIQUFBUEFfNEFXRWlnWHdCYm5jdlFuNEJiTHhPNElHQTBWVlVvZ0dCSkFHQVpnR0FLRUdBATQFASRDb0JnU3lCaVFKBQ8JAQBSCQcFAQBaBQYJAQBoCQcBAVhDNEJnby6aApkBIUJoSkRfQWpKbzVZYVU5KEo3TmZ5QUFLQUF4AS8NAWQ2Q1VaU1FURTZOVGMzTjBDSU1FbElNeFpOWiEFBDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YEEhnQWlRERDwqkR3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjEyMDAjRlJBMTo1Nzc32gQCCAHgBAHwBIUrIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBcoB-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AG8wPaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfo0ATSBw0VYwEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=129bba5b2f2c0e79d74ae3916b073e6ce127e7fe
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
2e99d96a-1ebc-4e1e-bd11-7eb03e6a4833
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 8045 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 8045 		42 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=5127083361354022725&cr=273202276&seg=&st=0&bp=0.01151&pp=0.01151&aaid=&idfa=&ord=345246278
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 8045 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=345246278&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
XzTlIdspCMaJ_NKZ7e4LLlP90OutX020mWW8HDconYNnrBBz7xVQsQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 8045 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220027-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.912973,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1439422
it
fra1-ib.adnxs.com/ Frame 8045 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKsCvBMLAUAAAMA1gAFAQjVnpudBhDF_sm68eTDk0cYja-4qpOZ7ppWKjYJNZ2dDI6Shz8Ra67jT36RgT8ZAAAAgD0K7z8ha67jT36RgT8pNJ0JJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlDk-KKCAViezX9gAGix8pcBeOzQBIABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDUxNjcxOTksIDApO3VmKCdpJywgNTQ0MTYzORUULGcnLCAxMzk5MzU3MhUVMHInLCAyNzMyMDIyNzYFFvCLkgKlBCFMbWhNcUFqVjRKVVhFT1Q0b29JQkdBQWduczFfTUFBNEFFQUFTT29fVUplSGhReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQmR6YTNRV0tRaHpfQkFYYzJ0MEZpa0ljX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWVlUXpBTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pVMk9EWGdBNGd3Z0FTT3RNTUZpQVNRdE1NRmtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCYlVzcVFWSU14Wk5aeWZ1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFEZ2VYUzlQOTIoAARaQhFnwFBBXzRBWF9DUEFGNUl6V0J2Z0YzN0M3QW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMQEM0QmdvLpoCmQEhZVJaVFl3OikCKEo3TmZ5QUFLQUF4GW1QODZDVVpTUVRFNk5UWTROVUNJTUVrDVQMRHdQMT0kAEYRGAxBQUFHERgMRFFQMh0YAEgRGBhBQUFIZ0FpLj0C8PV3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NTY4NdoEAggB4AQB8ATk-KKCAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaTGKvoFBAgAEACQBgCYBgC4BgDBBgAFJSjwP9AG6CnaBhYKEAUQHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfs0ATSBw0JESkBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=4679c57ce73a61edd9a55c475824daac1be9b76a
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
0920a2ce-6742-4f29-814b-f5d6933c9909
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame FF5F 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 23:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Dec 2023 23:09:34 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame FF5F 		445 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2eec9839f427a77f6427a55e2c2f1d54b5a4620a8b30f53de1b1081f0505f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:18 GMT
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame A931 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dicavjgt%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=759780.1377941741
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app67.frk11 /
Resource Hash
ad2cde4573f7c4a898dd28625ec55001d7a09985f565f1258bf439a5222e5cc6
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app67.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
721
Expires
Sat, 24 Dec 2022 10:07:19 GMT
v2
odr.mookie1.com/t/ Frame A931
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624184727703&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624184727703&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624184727703&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame A931 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575125
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.913434,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166482
it
fra1-ib.adnxs.com/ Frame A931 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCSr8ryp4fK11oYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNXXBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha0hnZWhRaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE14Ti1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjVXBtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaVJWS0pBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzE32gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfV1wXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=47daefe9c46a3f52b48db0accb93a4dc543a0e2c
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
b4d3a759-e690-491a-92f0-1228ea283281
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame 9393 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dybwpafwce%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=524893.7704190068
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app28.frk11 /
Resource Hash
1af914eed7a0b70cbe2e8b28c5d58bbcd93da7095780c75aa695f7a7f23f2bff
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app28.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
726
Expires
Sat, 24 Dec 2022 10:07:19 GMT
v2
odr.mookie1.com/t/ Frame 9393
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183941259&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183941259&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183941259&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame 9393 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220041-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.914770,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 420356
it
fra1-ib.adnxs.com/ Frame 9393 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCR--Cnvf3Eg24Yja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeIzZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhZlhpTmVBaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE13TS1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJiY3BtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaEJYcklnOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzAz2gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeM2QXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=b0c0d118cc36b832edf1ea36c100861ce1762c0b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
a7b24279-cb8b-419d-8192-fa10e47ba196
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame 90BF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Defljs%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=273351.3404336505
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app2.frk11 /
Resource Hash
c93113d10d104c77263283ca19fc333f6c54abf58948b100bf7bc712da4378be
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app2.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
720
Expires
Sat, 24 Dec 2022 10:07:19 GMT
v2
odr.mookie1.com/t/ Frame 90BF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame 90BF 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220042-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.913510,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 291026
it
fra1-ib.adnxs.com/ Frame 90BF 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDq8rnR6bepgVsYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeN_wBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha25pTWhnaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE14T09BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjWXBtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaWhXUUpBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQEVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzE42gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAff8AXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=00a3ae6a7ce490bd4bc009e881ed85cc9a3e4718
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
f2daacc0-e6d0-4eab-8a21-dd1f75f78b49
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame CE88 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame CE88 		36 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2230c565a6659d4c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437322%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437322%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224685fc35fe69ac%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2214a6dc8b-0571-4d53-9695-d6ba14ee24d2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%227c412f34-ab42-4e3c-966a-9115c1773b1e%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c1e393e123674731785369f76851ad59c2ef17b268068f90f3b124615b736

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDPfjattAG2UFll2MrgY2vnUVADp9sBgMQWODnrLllBnzBOt8muX1kLZX0o5H2xOvj7CzHD0DdGIiAHAs6OQ5KCKoGFDGF%2FicHGAicr62wJRXMTUvQaQ96ckvKMYoQQUP8zq2P9S"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877eb9fc696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame CE88 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5e318b0040a4f225d3634ad0c70f87b72aad724786e372e736937e40ff4d60b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b1841496-0aba-4de9-9418-02e46ee07dcf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CE88 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437322&tk_flint=pbjs_lite_v7.19.0&x_source.tid=14a6dc8b-0571-4d53-9695-d6ba14ee24d2&l_pb_bid_id=822363005a9b53&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.686484937651507
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0234f74d26f8155469cbec98cab0673742e898f16ab2720e1b060c277d45a7e1

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame CE88 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=33179893142&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame CE88 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame CE88 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame CE88 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 5DDA 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 5DDA 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
02fa19c76313dd9a6e0c557d11bd94b42bc211fb799fbca5e20ab87724b2c78a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
75f64b83-6fbc-48ff-a43b-7d0e4aae940f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5DDA 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437341&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3a147993-2328-462e-b5ff-7a36d0e59e4b&l_pb_bid_id=63fde1fd1d6431&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13146686011116393
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
045212d4f1202ada05d9929158338780ccd7c18022c280e44a653c47d36bebe3

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5DDA 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 5DDA 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 5DDA 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211b141364cf7739%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437341%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437341%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212fe5e1eb63c45b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223a147993-2328-462e-b5ff-7a36d0e59e4b%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%229370eac3-00ab-4b67-84fb-367bf2ddddfe%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e514b354c703fc3e682872284813819dd284debd148e35a6e84559a605cd7907

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8lTaqD7jpEThYkNA57FjYqguzK%2B9zzDgPUpPQyDkaOyeKLPo3CvtP7UYUGopIKzJGU6ga1tLbIou5S%2Bj1kky%2F2G%2F%2FaD86Gc%2Bp06oMWFfgbeXlrbb1GoH1DIYOl2IbNR7TD2KCAc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877eda35696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ Frame 5DDA 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=77272699829&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 97A1 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 97A1 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 97A1 		36 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22570ed02cb4c5ea%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437335%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437335%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2261a8414e298329%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223950a38e-ebbe-4a1a-9bd1-4aa9d3a7683e%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22948942fe-5a5d-44f3-b73a-8823e833bdba%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afac0fa779cdb01b714b1433a69d764fab98ce5aeb42e71319d326906a67c1ae

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYSq%2BqmbhM8U1OD%2BM7yQm9wL2SE5AuUnlozoeAcHVmpA1WBe19CobG6x86%2FAoxrlWd9c1TxvTJ%2BOfoIm4AlpM1xGO9Bk1yecJnVga4LtYWh9I904%2BKMf3AZk4KhdIOiEDV0OkuFh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877f1aca696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 97A1 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437335&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3950a38e-ebbe-4a1a-9bd1-4aa9d3a7683e&l_pb_bid_id=8a1c1b0c3122aa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6201507179705819
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4fe5d31894f6ac9bcca4530c69e5ccdbca5486b76771842575183ef1907e5b4d

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 97A1 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 97A1 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=89434608484&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 97A1 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e12060904439ec70952c183d76f6514cac137d399037f426e8ad9c7aea74953e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
927bc167-20ec-49ab-a892-12fb86d4b37f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 582D 		36 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221ab029ab941ebe%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437348%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437348%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222aece8097b32d4%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%221efc8e47-2938-4a76-8e6a-1bd88e1dbf48%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2260014335-6fed-4c57-9636-77e952e1d3e2%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5856b68e013b646b76754c8e3bd6af47a51ab28c7b09adce348e8eece1fec05

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqVGR8Z8AElg76KP1NGPUmUdqyHmlQBh1Nqe2mxn0miKXlbj%2FQq7I0toZqo5RG1HVSm43kI0DFzSjPTOSSYSNByvdBSbI8KFwezDvU9gKjJ%2B8mEbDTIvTJPe2IsamuRJ8BybqNdT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877f3b02696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 582D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 582D 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 582D 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437348&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1efc8e47-2938-4a76-8e6a-1bd88e1dbf48&l_pb_bid_id=8b5ef2e967f53b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20981818318162881
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5c72287a4376f4bf15ae4b67e897a669fea690636d3628c5a969de5b7a78f7ae

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 582D 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=71859224347&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 582D 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ed12106fe484590d9481d48024e30d294b75b35e238fcf0d5dd3c59c22d8b4c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1040cc73-c181-4256-a481-c038e994b4e6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 582D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 0189 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
122a71d57255fe89be6c03814ecf60c98ca56fa9b8eeaabb9340731824cd123c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
db57146b-5491-4281-92ee-9991184ca61f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 0189 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=35553925894&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 0189 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 0189 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2278eac3fe22db7b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437355%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437355%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228547d1e335ebdd%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2230ce97c4-fbd9-489f-b0b3-e3686f2498f1%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22f7e87cde-f424-424a-a7c6-724828cd1fc5%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385c82d550eae26afe1fa91e277386edef1f41d86d2efeb148802d9422681655

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7BuAcBOzvL4ATCImz4z7PWVb%2FZfR1Xi%2BvKU0LNtMeeohFbim0aBv%2FwXqw2QpfxX8azkHDU5NvFAVO5Wcx8Cdj8VAIom%2BbL3gqXwECJjQri%2FTxYwUyPqQ0H3UiXO5xPz1bspq0gK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877f3b15696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0189 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0189 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437355&tk_flint=pbjs_lite_v7.19.0&x_source.tid=30ce97c4-fbd9-489f-b0b3-e3686f2498f1&l_pb_bid_id=129b1cb06188ca4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8044010371843799
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
de74c5932dd0059711e28fb5117abea8ffceea48a036383d289747d6f8e0187b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 0189 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 67EC 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=38748276867&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 67EC 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 67EC 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2252509a325a971a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437361%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437361%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d7fc2f4b4b67%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223358e4a3-b5dd-4df9-8fea-6edf20fff245%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22436b4d31-5570-41fe-a996-a35b180fdfd7%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f345f98f07e664032e668f226b54515569a580d01ed19fc0dbfa0a6d5bac280

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inlaDpJKCL1%2FYkkFnBvzQ3qxMi37mwQuNkJO2JquY%2BrXQZX4Bc95VYxy1OVdmuvTUi7t23IJCbWh1uZ%2Fb9j3D6ZuWPj0rkUzDJzU4vsjN7DQ788Jf%2FefI0qvtu9plTWwF0DtVEt%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877f4b27696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 67EC 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d1d98bda78ef964576b8680c2593524c8ac8789c9f60bd17afc45eda5e5e28af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
2ef62045-d5a8-470a-b94d-11ab0a4756d6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 67EC 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 67EC 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 67EC 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437361&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3358e4a3-b5dd-4df9-8fea-6edf20fff245&l_pb_bid_id=14e2d359dcf70c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08618910235502142
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1d0aaf8d2ebc468c56fd03651130eeb7b88e5b1f13a47c8c2347e5e7abbad38f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BAC3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:19 GMT
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame 9936 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhxphinku%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=861478.9890703169
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app14.frk11 /
Resource Hash
9d8d2b28aa7e8a0c5ea4e3b88982a33f71f8324ca9b19786c61e0db38f93c08f
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app14.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
723
Expires
Sat, 24 Dec 2022 10:07:19 GMT
v2
odr.mookie1.com/t/ Frame 9936
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame 9936 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.960545,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166483
it
fra1-ib.adnxs.com/ Frame 9936 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDN1dCf6oadpkoYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeMDZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhYm5oc2N3aXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVGMzT2VBRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBPEM0QmdvLpoCmQEhbFJXZ0o-dQIsSjdOZnlBQUtBQXhQFW0EODYyWQFAVUNJTUVsSU14Wk5aeWZ1UDE9LARGawVnBQEARx0YAEcdGABIHRgMSGdBaS6JAvD1dy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjU3NznaBAIIAeAEAfAEoMXHnQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgAAASUo8D_QBrQl2gYWChABDy4BAHQQABgA4AYB8gYCCACABwGIBwCgBwHIB8DZBdIHDQkRKgEmDNoHBggFCWjgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=631518fc29e8493b05c4eb565e045b114943da36
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
26f25a45-4acb-4bd2-88e7-ba67346682d1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame 96B2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dajdxfouger%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=599051.2576137336
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app5.frk11 /
Resource Hash
435e85f4abc392ff7f060f2e0a9cb707018ecb4d8ee01db2df6ae5ebe78b9b0a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app5.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
724
Expires
Sat, 24 Dec 2022 10:07:19 GMT
v2
odr.mookie1.com/t/ Frame 96B2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame 96B2 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220027-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.960609,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1439423
it
fra1-ib.adnxs.com/ Frame 96B2 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCu7LD2irbw7GAYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNOGBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhY1hnbmN3aXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOalUxTS1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJaa3ptQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhakJVbkpROnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo2NTUz2gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfThgbSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=362de2b5e0574252731e67407d346547674d03dc
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
eb4f9527-6637-4a46-b041-75f542f0222a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame 3A7C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsqwwysn%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=673638.9531040796
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app19.frk11 /
Resource Hash
68859cb4150141924722163ae3e155712f84a71bb66bebc3b774ead787bea497
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app19.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
726
Expires
Sat, 24 Dec 2022 10:07:19 GMT
v2
odr.mookie1.com/t/ Frame 3A7C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame 3A7C 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220042-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.968337,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 291027
it
fra1-ib.adnxs.com/ Frame 3A7C 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhC8ob3UlKu_tkYYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeKXZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha1hqMmhRaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVFEwTk9BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjUXFtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaWhXVkpBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQEVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1NDQ02gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAel2QXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=96e521e271c2832453674397daa5211ba471f6a2
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
323bc6e1-e33b-4b6a-a53e-a1bd64cc8dde
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
9odysa1gd1m7
hal9000.redintelligence.net/zone/ Frame 3B7F 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/9odysa1gd1m7?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=606178722513727505&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
36bda666ba373744694463a3c13f36b339548efd21d51798910c0127c54f7a06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2799
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 3B7F
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvT1daa09URTBaVGN0TWpWaU9TMHpaR00zTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYwNjE3ODcyMjUxMzcyNzUwNS82NjIyNDAxLzQ1NjIzMTIvMTMvZlVzdj...
  • https://tags.mathtag.com/ck-confirm?bid_id=606178722513727505&node_id=3749&exch_id=13
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=606178722513727505&node_id=3749&exch_id=13
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Protocol
HTTP/1.1
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x23, zrh-bidder-x135
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 24 Dec 2022 10:07:18 GMT

Redirect headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
x-mm-nodeid
3749
x-mm-bid-request-time
1671876438
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
85
x-mm-handled-by-owner
true
Last-Modified
Sat, 24 Dec 2022 10:07:18 GMT
Server
MMBD/3.374.2
x-mm-latency
1 (0)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=606178722513727505&node_id=3749&exch_id=13
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
zrh-router-x21, zrh-bidder-x135
Keep-Alive
timeout=360
x-mm-lag
1
Expires
Sat, 24 Dec 2022 10:07:18 GMT
img
pixel.mathtag.com/event/ Frame 3B7F 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=606178722513727505&v3=651871&v4=4562312&v5=6622401&mt_nsync=1&no_attr=1
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-37-164.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master zrh-pixel-x30 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Dec 2022 10:07:18 GMT
img
tags.mathtag.com/event/ Frame 3B7F 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=606178722513727505&st=4562312&time=[IMP_ATTR.time]&nodeid=3749
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x74, zrh-bidder-x135
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 24 Dec 2022 10:07:18 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 3B7F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220041-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.969323,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 420357
it
fra1-ib.adnxs.com/ Frame 3B7F 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLTCvBMUwUAAAMA1gAFAQjVnpudBhCp26f54pGY1xEYja-4qpOZ7ppWKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAgD0K7z8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzCXh4UMOJhQQB1ICFCZjru2AViezX9gAGix8pcBeLrXBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgPLBgqDBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VDFkYWEwOVVSVEJhVkdOMFRXcFdhVTlUTUhwYVIwMHpURlJCZDAxRVFYUk5SRUYzVFVSQmQwMUVRWGROUkVGM0x6WXdOakUzT0RjeU1qVXhNemN5TnpVd05TODJOakl5TkRBeEx6UTFOakl6TVRJdk1UTXZabFZ6ZGpNMldsaE5Za1ZJUW5veU5WQXdiR3hqWWtKblEwaHVhVFJTYmt4VFRqaHJaMUJ5VDNOVFRTOHhMekV6THpBdk1DODVOVFk0TURNdk1UTTFPRGc1TURnMk1DOHlNVFkxTXpZdk5qVXhPRGN4THpFdk1DOHdMMDFFUVhkTlJFRjNUVVJCZEUxRVFYZE5RekIzVFVSQmQweFVRWGROUkVGMFQFEBQxRVFYZE4V-Ax5OHdMCXwFCHROakEyTVRjNE56SXlOVEV6TnpJM05UQTFMM3B5YUMBJPC2RTVOUzgwTmk4NU9Ua3ZNekl5THpnd0xqSTFOUzQzTGpBdk1DNHdNREF2TVRZM01UZzNOalF6T0M4eE5qY3hPRGc1TURNNEx6RXpMekV3TWpZMEx3L3N5YlUzOVZjNTE1R3Q3NUJWRktQeFljVk9xVSZub2RlaWQ9Mzc0OSZncm91cD16cmgmYXVjdGlvbmlkPTYwNjE3ODcyMjUxMzcyNzUwNSZwYnNfYXVjdGlvbmlkPTYwNjE3NiEAHHNoYXJka2V5ThwA9EgBcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2FlZmlpYSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMzLjYwJnNpZD00NTYyMzEyJmNpZD02NjIyNDAxJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEjYwNjE3ODcyMjUxMzcyNzUwNRoTMTI3NDA2MTkwODM4NTMyODU1MyIJMzgyNjUwMTM3KgYxMDE5MzY6BzY2MjI0MDHAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASZjru2AYgFAZgFAKAFuu-T0O2bwfwUwAUAyQUAAAAAAADwP9IFCQkBCgEBcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3McgHutcF0gcNCRExAS8I2gcGAWdwGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=38d1097e9911c0c8c60539df27d3222436b8a25d
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
e76b7809-496a-4a17-9ef6-44c448eccaa2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame D859 		36 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215fd4649fb497a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876437403%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876437403%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22229d68ceec5581%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2227a58577-ae93-4eff-9314-c9b0b292d1fb%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2228485131-9568-4dca-9039-8e0b77d3b7ed%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7beec6101427eb6cae4641807057ed8f63c961ba47ce4245460752034775e5fc

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyFr9d9el8NsywLin%2B1t8R2QfilYNr0SqpXO2BwgZnze6fNb%2Bdegs3Zd2cMHvColQBSs%2BtdyXqZ%2FeNbBHyO2chgh5wz4c4JXjg4xWIVlKAjLDzMHstDbaoqgBJXuhRBPddZqhaVh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8877f8b80696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D859 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876437403&tk_flint=pbjs_lite_v7.19.0&x_source.tid=27a58577-ae93-4eff-9314-c9b0b292d1fb&l_pb_bid_id=42bb07d489b9ba&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8857386709238466
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
026640563b84b80daf8bd9128ce7ad0b239f6ba362121ace522e4e7ed9fb3b25

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D859 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame D859 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame D859 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=98352792846&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame D859 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9a029db7eb53dcd49c104986d576184f961ca4bdf083466d7b2518480addde03
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
af1b7e39-dbdd-4c71-88cf-72b31c2b27ca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame D859 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame B5EE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgsuhtufxa%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=933695.9180746984
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app28.frk11 /
Resource Hash
0337930cab6c911eaeb47e8b5684e787b8e08ff9cb9cf89255b2cd4815e99b66
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app28.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
723
Expires
Sat, 24 Dec 2022 10:07:19 GMT
v2
odr.mookie1.com/t/ Frame B5EE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame B5EE 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220054-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.058284,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1295411
it
fra1-ib.adnxs.com/ Frame B5EE 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDAu6a6ptvu6k8Yja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeL2IBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhd1hndXBBaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOall5T2VBRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJlVXptQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEha0JVLUpnOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQFVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo2NjI52gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAe9iAbSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=bece0156ede62446068730dcc753cd737a157cc9
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
51f8723f-a120-4108-aaf3-f564a26dffba
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 2F0C 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 2F0C 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=2378070731381729339&cr=240637446&seg=&st=0&bp=0.01307&pp=0.01307&aaid=&idfa=&ord=1038714079
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 2F0C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1038714079&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
DdkI3rVfR1rHrZK1mnE7kj458q8R7Ojqmu5fl2R56GkAy3yosAGn8Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 2F0C 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220027-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.014970,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1439424
it
fra1-ib.adnxs.com/ Frame 2F0C 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKmCvBMJgUAAAMA1gAFAQjWnpudBhC70IvWsNemgCEYja-4qpOZ7ppWKjYJMUJ4tHHEij8RIJMq4A7zgz8ZAAAAgD0K7z8hIJMq4A7zgz8pMUIJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCGrN9yWJ7Nf2AAaLHylwF4yoQGgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNDgxOTI1OCwgMCk7dWYoJ2knLCA1NDQxNjc5LBEUMGcnLCAxMzk5Mzg0NiwRFShyJywgMjQwNjM3NA0W9BcBkgKlBCFwR2l1bHdqbjRwVVhFSWFzMzNJWUFDQ2V6WDh3QURnQVFBQkk2ajlRbDRlRkRGZ0FZTDBHYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFNmlZZEM2OGFLUDhFQk9vbUhRdXZHaWpfSkFRQUFBQUFBQVBBXzJRRUFBQUFBQUFEd1AtQUJqNUhNQXZVQnpjek1QWmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VaU1FURTZOak01TmVBRGlEQ0FCTXUyd3dXSUJNeTJ3d1dRQkFHWUJBRzZCQm9JaFFRUkFBQQGaEEEwRDhaBQkJARxnZ3NhTERzRRGtFEEwRF9KQgkcBQEUMkFRQThREdlgQUFBSWdGLXpHcEJVZ3pGazFuSi00X3NRVQEaCQEYTUVGbXBtWgECEHVUX0pCATscSUJTdk1BXzAuKAAITmtGCTHIQUE4RF9nQlpzSzhBWDJqdFlHLUFXNmtxWUNnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQhXLDEFBQmsZGABDHRhETGdHQ2cuLpoClQEhRGhZbU5BNikCKG5zMV9JQUFvQURHGW1Mem9KUmxKQk1UbzJNemsxUUlnd1MB3QEBDFBBX1URDAxBQUFXHQwAWREMDE5BX2ERDAxBQUFjHQwQZUFDSkEREPDQUEFf2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOODE3MCNGUkExOjYzOTXaBAIIAeAEAfAEhqzfcogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAJDnDYBQHgBQHwBbTKKPoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AboKdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8qEBtIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=a2b2c74708a0eb85d3df029ddf7b9878887fed88
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
7bf89111-c004-4b2c-944f-58e6d035e210
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 3516 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 3516 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=2665707921651158563&cr=277208876&seg=&st=0&bp=0.01098&pp=0.01098&aaid=&idfa=&ord=1238630086
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 3516 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1238630086&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
MEIqv0XRypLBNiBT051S-y0rUUCvg0BjXl1jcEJAa9yicPDFxR9CbA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 3516 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.017679,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166484
it
fra1-ib.adnxs.com/ Frame 3516 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKsCvBMLAUAAAMA1gAFAQjWnpudBhCjnNmHs-ef_yQYja-4qpOZ7ppWKjYJBdhHp658hj8Rb10a0GXCgD8ZAAAAgD0K7z8hb10a0GXCgD8pBtgJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCsvpeEAViezX9gAGix8pcBeMSIBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDQzNDA4MDIsIDApO3VmKCdpJywgMzgxMTU4MRUULGcnLCAxMTQxNjA4MxUVMHInLCAyNzcyMDg4NzYFFvCLkgKlBCFHR2ptUWdqZ3h2MFNFS3ktbDRRQkdBQWduczFfTUFBNEFFQUFTT29fVUplSGhReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQnRvNDZINlI3aGpfQkFiYU9PaC1rZTRZX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWYzUjZBSDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pZMk16RGdBNGd3Z0FUa2hjQURpQVNUNXRNRGtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCZVl6cVFWSU14Wk5aeWZ1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFCQWpCcThQOTIoAARaQhFnwFBBXzRBWEtDUEFGay1TNEJmZ0Z3dmlJQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMPEM0QmdvLpoCmQEhU1JhWVU-KQIoSjdOZnlBQUtBQXgZbVA4NkNVWlNRVEU2TmpZek1FQ0lNRWsNVAxEd1AxPSQARhEYDEFBQUcRGAxEUVAyHRgASBEYGEFBQUhnQWkuPQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo2NjMw2gQCCAHgBAHwBKy-l4QBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGAAUlKPA_0AboKdoGFgoQBRAdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8SIBtIHDQkRKQEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=1ecec8ff2f9040b876dbc1edd9f4064982229c96
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:18 GMT
AN-X-Request-Uuid
c9d29317-3b7a-4090-ba5c-501ea3d80674
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame BE2C 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame BE2C 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=2515534623547100295&cr=240664030&seg=&st=0&bp=0.0114&pp=0.0114&aaid=&idfa=&ord=1988710481
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame BE2C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1988710481&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
RetoMQEo7i6VWoTnIogukRcZ-ujswlB0tHnbSLbdBOoGd61Bau2Npg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame BE2C 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220062-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.025535,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1432159
it
fra1-ib.adnxs.com/ Frame BE2C 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKmCvBMJgUAAAMA1gAFAQjWnpudBhCHmeLFmK2-9CIYja-4qpOZ7ppWKjYJ0ytlGeJYhz8R2iRB44JmgT8ZAAAAgD0K7z8h2iRB44JmgT8p0ysJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlDe--ByWJ7Nf2AAaLHylwF4mogGgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNDgyMDI3NCwgMCk7dWYoJ2knLCA0ODI1ODE0LBEUMGcnLCAxMjczODk2NywRFTByJywgMjQwNjY0MDMwBRb0FwGSAqUEIVlXa0hnQWkza3RVVkVONzc0SElZQUNDZXpYOHdBRGdBUUFCSTZqOVFsNGVGREZnQVlMMEdhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUdvVV8yX29WcUhQOEVCcUZQOXY2RmFoel9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQjFzV21BdlVCemN6TVBaZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBWUFEQVpnREFib0RDVVpTUVRFNk5qWXhOLUFEaURDQUJQRDh4UVNJQkxTUnpBU1FCQUdZQkFHNkJCb0loUVFSQUFBAZoQQTBEOFoFCQkBHGdnc2FMRHNFEa0UQTBEX0pCCRwFARQyQVFBOFER2WBBQUFJZ0YyVE9wQlVnekZrMW5KLTRfc1FVARoJARhNRUZtcG1aAQIQdVRfSkIBOxxFQkpNYjBfMC4oAAhOa0YJMchBQThEX2dCZlFJOEFXWHc0a0ctQVd5bXFZQ2dnWURWVk5FaUFZQWtBWUJtQVlBb1FhYW0FXjRtNVA2Z0dCTElHSkFrQRUBAEIVywxBQUJrFRcEQUMdGERMZ0dDZy4umgKVASFjUmJMV1E2KQIobnMxX0lBQW9BREcZbUx6b0pSbEpCTVRvMk5qRTNRSWd3UwHdAQEMUEFfVREMDEFBQVcdDABZEQwMTkFfYREMDEFBQWMdDBBlQUNKQREQ8NBQQV_YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NjYxN9oEAggB4AQB8ATe--ByiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAkOcNgFAeAFAfAFjbwp-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBugp2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHmogG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=c90d3943a8282bb2e8bed8ece5f53e576d02b9ff
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
924cea3a-f258-4ae8-928d-9668098d8272
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
2001415.html
sync.serverbid.com/ss/ Frame 60A4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2001415.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be07ad2ab9552eb3f2ff1d133b2593f9c25471d4835350220527ca5d2bda4f27

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3854
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 09:43:37 GMT
etag
W/"653e0e21c26bb39745183acf2ffef8b8"
last-modified
Sun, 11 Dec 2022 21:13:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id
HpN5oM-NtNDLdUDpqVripR03-ZQVJtQnE6wsDiREBbBfN-Sfwxt42g==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
2001415.html
sync.serverbid.com/ss/ Frame 7502 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2001415.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be07ad2ab9552eb3f2ff1d133b2593f9c25471d4835350220527ca5d2bda4f27

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3854
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 09:43:37 GMT
etag
W/"653e0e21c26bb39745183acf2ffef8b8"
last-modified
Sun, 11 Dec 2022 21:13:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id
S4VH64EsgLoUeO3PWW9C2blAZ3c5g0zVJcYoVHY54rYo4LTbCfr0Jg==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
2001415.html
sync.serverbid.com/ss/ Frame BF67 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2001415.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be07ad2ab9552eb3f2ff1d133b2593f9c25471d4835350220527ca5d2bda4f27

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3854
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:19 GMT
etag
W/"653e0e21c26bb39745183acf2ffef8b8"
last-modified
Sun, 11 Dec 2022 21:13:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id
rYLSvIEg2PNbTtMPLHoFYcb0OFcTCGOK50ZDmGQYuZUot5C9lBWMng==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
2001415.html
sync.serverbid.com/ss/ Frame 5B14 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2001415.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be07ad2ab9552eb3f2ff1d133b2593f9c25471d4835350220527ca5d2bda4f27

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3854
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:19 GMT
etag
W/"653e0e21c26bb39745183acf2ffef8b8"
last-modified
Sun, 11 Dec 2022 21:13:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id
fZ-onmMACctTC0ixXQs8av3wLORT7bLhGciqvB0pVQLEbZRPlE5MRA==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
2001415.html
sync.serverbid.com/ss/ Frame 77F6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2001415.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-forward-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be07ad2ab9552eb3f2ff1d133b2593f9c25471d4835350220527ca5d2bda4f27

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3854
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:19 GMT
etag
W/"653e0e21c26bb39745183acf2ffef8b8"
last-modified
Sun, 11 Dec 2022 21:13:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id
yMkDf-dftk6Rawwg_mH5SGk2T2YM-6qoXVB8-0_wlD28RivPhADkXw==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://forward.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://forward.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 24 Dec 2022 10:07:19 GMT
server
ATS/9.1.10.25
cookie_sync
prebid.bidstreamserver.com/ Frame 64CC 		1 KB
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/cookie_sync
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
7b52f05b443860d345ed5e6571a2881f66cc2125ebdca78c5b0af4bb58516ecb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
prebid.bidstreamserver.com/openrtb2/ Frame 64CC 		269 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/openrtb2/auction
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
2d1790c643b2c0ac983a16525b7b7309d2ed08c73bd55589972c60ea3b62ab52
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
server
nginx
x-prebid
pbs-go/unknown
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
v1
prg.smartadserver.com/prebid/ Frame 64CC 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 64CC 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 64CC 		278 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23684&site_id=435482&zone_id=2492270&size_id=15&rp_schain=1.0,1!bidstreammedia.com,637,1,,,&eid_pubcid.org=6f087773-b138-4697-9406-4a3911f5ba37%5E1&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.pbadslot=SW_-_forward.com_300x250&tk_flint=pbjs_lite_v7.16.0&x_source.tid=089d7829-264b-4133-ac9f-2eb516665351&l_pb_bid_id=149d0996703789e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=SW_-_forward.com_300x250&slots=1&rand=0.6019078390830872
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
955ea8289ee4b59ef29fdc3e80f34228fab1500235e46c8cb112c71e6a2b1bae

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
278
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 64CC 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
864b7e0e639f10dd791564ef95765640f8915ee5c739af11c869a9d6ae4d1ea2

Request headers

Referer
https://forward.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ Frame 64CC 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2653403395dcd905e5d0e9bcfe3fd9b93228a68546704cb2ff263ba493c34ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
035a78ed-58fd-4d4f-ae98-d4d69108bede
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 64CC 		24 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7263af95d2f5733c4782c1ed753f6fcc28764e776ac72b58568b86da0ccfa76a

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://forward.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://forward.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://forward.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 24 Dec 2022 10:07:19 GMT
server
ATS/9.1.10.25
cookie_sync
prebid.bidstreamserver.com/ Frame 2E2E 		1 KB
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/cookie_sync
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
ca4381b0dea3fdce96966f4880824d475bb35b8e75eae37cb5dc3db7aba9dc30
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
prebid.bidstreamserver.com/openrtb2/ Frame 2E2E 		268 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/openrtb2/auction
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
c7e38babd4e42ddcbae210fd7794831d215a9f8e81888c0dfcb607816ca629f9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
server
nginx
x-prebid
pbs-go/unknown
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 2E2E 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e6a5af0318b32ff868d36489c665f4855a5c7657d93a7a524c6ef56ca3ff1fd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
107f2d74-3899-4209-a8f1-e6d648ae31d2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 2E2E 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 2E2E 		24 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
db81f09ae3bd3e6f232c5e06e2d10482ccd946031ebd50d11061a786354fd3d3

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://forward.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bidRequest
c2shb.pubgw.yahoo.com/ Frame 2E2E 		66 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ca5c9982b4063a0f2822cc2b3f90e8ab3e0042f5d25fec273e1b9c88b0fe8531

Request headers

Referer
https://forward.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
content-length
66
translator
hbopenbid.pubmatic.com/ Frame 2E2E 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2E2E 		278 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23684&site_id=435482&zone_id=2492270&size_id=15&rp_schain=1.0,1!bidstreammedia.com,637,1,2edd0069-f653-45a1-9407-dcde3be2e060,,&eid_pubcid.org=6f087773-b138-4697-9406-4a3911f5ba37%5E1&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.pbadslot=SW_-_forward.com_300x250&tk_flint=pbjs_lite_v7.16.0&x_source.tid=38ad44d2-624f-45e4-8034-9882ee8c6555&l_pb_bid_id=20116e066b315cf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=SW_-_forward.com_300x250&slots=1&rand=0.18211527119938853
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35d08c0926375494bf07fb0d791d46d898879a3a434057265a94c6c83ad8259f

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
278
expires
Wed, 17 Sep 1975 21:32:10 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 2670 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:06:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Dec 2023 12:06:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 2670 		445 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2eec9839f427a77f6427a55e2c2f1d54b5a4620a8b30f53de1b1081f0505f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:19 GMT
prebid7.19.0.js
hb.adpone.com/ Frame EE01 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=givah&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upmo6OTRs%2F%2BSB%2FMuSM5yvu74d67VP0Pnh8LoSKmYQXX5Co6BhpRpo8UvKL4vicUeyQgrKHZzqUi2qz9Toz%2FcaEsasRUlhM6%2BCF4PWS02iIPeVKLJ0BSYk7W2kkcqKmca1Gkou%2BviHd30h0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887812fc59022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 4317 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1LxmH6BwBL6fmbM%2BK7sXWPZYbDo%2Fby1BFTDUi6l1BXpO2QBIy%2Bmo4hTfX6GSywbMncl5u1tdGCYBqAvHRLmLAJAOw%2BnrbbRciZSY%2Fp6dakszoryoLKxmseLiAAzhRgGDKPC7iqFaX%2BoyLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8878148009022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 1F1D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vizblti&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eCBg8R6tmynFQs8EKSFpWDUQ7bnfUSQc3Oow0iaGyUW2pJvY558zxw6ajbsDvTOzLtY6JQEYFqmz2tfhHGHeQJtR%2B2Dvtbt68JEJoRBWL0%2BJZHaDctdbc856CUIVOshAzMLAwZzhXf4f6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781480f9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame D482 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=okdiqcd&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoaFZCH%2FafG2DaxeW79fpkKA%2FI8xcxWzXypdztrGbQATTRd7xb4iJXhcwq%2Bp1rfso39kyN6%2FZxNBVMVqWMZ3awN6my91dipmt4c8V1Y30RZaYF2kOKf7%2FNoumCDe3WS3gF4BGYN1ooZ%2FnXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8878158349022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame ABE4 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pizeyir&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvQ%2FnkMNZeT0xW7wllXcOprA0LdY6dmF3unYwcsFk7LU%2FVNNREo0kthn6O7ikFFdpGYPwF7sMOFUmYUDkxIIUoQI5JfshkLlkc3hAdGSmK7VyGfCMi0LIMXxWxabuD%2F185cpqmaGU4TeMz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781684b9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame EE7A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xmxoneb&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgVM4hLgsEECH0KOozyViDmfNq3uJl1f%2BY2nNFgFFwkZ2Pe3w5RmIuvAqy2D5U53REUKEA17t17AJemDyvw9DVjnGUvdRyQ4kwWA6%2F1ISkS9jWAKVOmXkAmg2GUx3QYkEUTG8FG%2BmyqWMvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781988e9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame CFBF 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kvhzjtyfqq&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIeYHAN%2Fj04mQgZ1AkWAkqCJa2evQFeWPcdEaOyeu2TsZL%2FqFcI9aHLcjY%2B195Efu0c5IYXQd7cU%2FjW%2FnTayszXBTSfvqXghWQPX1W%2FlraKTdnjbUGGltzh8SAVAGkJFhcOgoEw%2BRUCrEMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781a8b19022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 0F1D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efkknsne&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2F01Fi9CNg%2FzdFEKjnqQIrDluuDE1WnHReHcbYeUTzMEvSmMATKVyE8Sp%2FYPTyCUp5a%2FZ4k6NTPoF7GnXoSrYozUrF2l9bIQe%2BcOTLJxZskq5ubW48QBJxA9y2UpDanzu90c7xOTvjkLu1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781c8e09022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 07B2 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=elprofvcf&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qForjzfVe2iTGmqW%2Be1atgMTZbY1UPMiSpOgtg%2BdJ9gN7mXUXf8IHlyK1zteLQGFj5X0wVK1nJQKAl81R6Rcf1%2Bjxh%2BDPLZ7JEnRmmcxCtmRRCVAh1OfjTq%2BHwSC1lm8OjVNMR4Netsu1Pg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781c8ee9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame ECC5 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=uzafkcyj&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqLsP4bcYex%2BLUERNLiYvFx4%2B%2Bv%2F%2Bb4mPncQSBnvoi0GYzb3zFdx49ZAT3%2Fo9Z2aEF%2FRaZQgxi8W1yquarK2cgKEWvAgkdgetaKoWAoaBrcweJl8rqArI8DKupPZhkQzAV0Wl75jd6drFRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781d9069022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 2B0F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=inlu&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4oJPg28sI8T3ZqHMKWtqB7FWVCNeJcGqteWAbnQvNJYyJC1njXKOQXNEWwG%2FBpZbbu3kaPBxLZxUMMeY6GKS6Cx7orfXjok0o%2BgZtla901wQVEHzXtLKROkGNkVT%2FR5LUBDx1t7XwjNmoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781e91a9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7CDF 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=jmbcovogv&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnBsD%2FUtgHg9zDRj6cLv9HCirZZibgMGnpbpLVD%2FTOTNY1BIoyRFWRHdP5gasLc7MyugWMIj2kqRAa6RP3EUqmVr1EVl%2BIjSGGOhYIg6HPBva7ButPzlSr%2F2ISh8uxouTDGd7eFbjVIDbDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88781f9309022-FRA
impl_v92.js
www.googletagservices.com/dcm/ Frame 8045 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
prebid7.19.0.js
hb.adpone.com/ Frame C3A1 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fjuorydv&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqU04YT86faBQM8%2FybF%2BfegH9a5u12n02clsRO9vvTMLRzu%2BagyDRamAcRbnlJkp1MYh2RUUKo1%2FZI1h1fQZ9EhbGtPbxu8eoR4TllOHyGXyNe2Bihb8pIoXTJN7KqEiI7fQUKcO3wp%2B%2FP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e8878209479022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A88D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ialitks&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWNGWu2Vw%2FH4RvQzXKCaSic4RJyYh6sQnJVeO9xomzZTFZqkSIOm%2FhqHtcsMj1v7rKPm55PeoMJCNWMYtaFtbDCNO%2F5fX3yGO9XKK%2BKeB5NQThuMDBfgjO00HFUopAJ9elSWvrfgDZ8v9V4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88782195e9022-FRA
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ Frame 4B98 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:13:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 23 Dec 2023 17:13:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4B98 		445 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2eec9839f427a77f6427a55e2c2f1d54b5a4620a8b30f53de1b1081f0505f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:19 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 09:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
995
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 24 Dec 2022 11:50:44 GMT
integrator.js
adservice.google.de/adsid/ Frame EF10 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EF10 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EF10 		533 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4286651786911341&correlator=4130998140534285&eid=31071094%2C31071151%2C31071256&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=21671350435%3A22712312433%2C728x90-forward.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=617174094&sfv=1-0-40&fsfs=1&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D178d1859414e8c3%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D178d1859414e8c3%26hb_bidder%3Dappnexus&eri=1&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876439402&lmt=1671876439&dlt=1671876436926&idt=1771&adxs=301&adys=3123&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=pfwn89lfhxof&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ref=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&top=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=23&vis=1&psz=728x90&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=550322770.1671876434&ga_sid=1671876439&ga_hid=308493178&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6977ae787fcf9c99799fb70d29437af1a160c76bb79cc0a39abab98547c59eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EF10 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a726757d5daf47507e36a6b32c8a26abf66f30b1ecb2ad7a7c080f19893b72e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11215
x-xss-protection
0
container.html
5910bc36042e5ea26beb34c4e16d8590.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C8D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5910bc36042e5ea26beb34c4e16d8590.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:19 GMT
expires
Sun, 24 Dec 2023 10:07:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impl_v92.js
www.googletagservices.com/dcm/ Frame 2F0C 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame 3516 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame BE2C 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D2E8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:19 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 0075 		36 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221cf2e2819f8c17%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438115%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438115%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2227e5b7dc7be50c%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2249a9ec20-f31c-4449-816f-bf2bd8caa76f%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22c47601b2-034b-4a4c-9a97-be3e6f59ac97%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276e75c3d28142c8882cf63700bd997eb86abbd6a5a3f72240c2efd84c4ec09c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jnZHkkc%2Fq6%2FiFn8sbSjYrCqna7cGO3pbbu9Ru5bLYrZGrgeeSTOG%2FuWgNoxGTCh4vwZEfDpit4j%2FPJBrBbcFFa%2Bmsp1K3RAVgHVsmhecA%2F1lh5oExolQG2vV%2BqcCVDtJF%2BmhBVy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878288e5696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0075 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 0075 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 0075 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7757af0b8c2febb31f03de766302e6f6afd7600176cc4232e86a50163df29b24
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7f5ba150-3572-4e61-a725-0b2681308833
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 0075 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=85854568744&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0075 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438115&tk_flint=pbjs_lite_v7.19.0&x_source.tid=49a9ec20-f31c-4449-816f-bf2bd8caa76f&l_pb_bid_id=126e36f94ec26de&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06985231705013861
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0d84b0ca6c2c7ad37db1a5bb63a931381fe1de42c051d2d5938f39fa221c35c4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 0075 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
banner
ad4.adfarm1.adition.com/ Frame 9CB5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9Pwoi-xNfWQYwjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAoiDSQgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-hbj2QjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYxOECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2MTg=/bn=99364/clickenc=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
05294bb7718eba8948bff46635ad0ee937c0e106a315a7533a89016899913695

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 11:07:19 +0100
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
server
ADITIONSERVER v1.0
async_usersync.html
acdn.adnxs.com/dmp/ Frame C20A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53027
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:19 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271617
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876440.604254,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 73DA 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLIDfBMyAYAAAMA1gAFAQjWnpudBhCKxOyf8auWgzAYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeKSIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFqSC10V1FqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeE9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYYU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YQExnR0NnLi6aApkBIS1oYmoyPo0CEEo3TmZ5AbgEQXgRQixDRUE2Q1VaU1FURTYlkUBFQ0lNRWxJTXhaTlp5ZnVQMR1hAEYdeQhHRzQ1ZQAyHRgASB0wDEhnQWlFoQEB8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSBzQ1MDYxODjyAhIKBkNQRwEUBAgxbaMBFQgFQ1ABFAAJdaI88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAAFQkgWENPREUSCUxBTUJPXzEzNvICDAoIQ1BHCRgcAPICCwoHQ1AVDhAQCgVJTwFqCAc3NoU1BSEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcFQoIU1BMSVQBTRni8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMTY5I0ZSQTE6NjYxONoEAggB4AQB8ASloiCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6SIBtIHDRVkASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=4ae49b0dd9ea4a2a7ec8b823025b697b787ebab5&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcujjtcwp%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcujjtcwp%26e%3D1971603729092&
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
d947d009-df97-476c-bc90-fc111eb4e3dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 73DA 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220054-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.463098,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1295413
it
fra1-ib.adnxs.com/ Frame 73DA 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCKxOyf8auWgzAYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeKSIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFqSC10V1FqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeE9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYYU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YQExnR0NnLi6aApkBIS1oYmoyPo0CEEo3TmZ5AbgEQXgRQixDRUE2Q1VaU1FURTYlkUBFQ0lNRWxJTXhaTlp5ZnVQMR1hAEYdeQhHRzQ1ZQAyHRgASB0wDEhnQWlFoQEB8NdEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjY2MTjaBAIIAeAEAfAEm9K2uQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBavvSfoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBv8L2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHpIgG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=451b0a67521beb866b4dd22de22d467732e97ae7
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
26b9df37-18e2-48a6-a73f-689bc80f6e82
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1193981/66062622/ Frame 73DA 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/rjss/st/1193981/66062622/skeleton.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 73DA 		44 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn361438&cr=388868379&ce=esome_com&pc=AP_278580922&ci=nlsnci1671&am=4&at=view&rt=banner&st=image&cy=1&gdpr=0&gdpr_consent=&r=324478242
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
BLYzNVIkUsPIMJumj53Ey4ktShEklYevsdY1erldNOF6v9dR40kA8w==
expires
Thu, 01 Dec 1994 16:00:00 GMT
1x1.gif
imagesrv.adition.com/ Frame 73DA
Redirect Chain
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D
  • https://imagesrv.adition.com/1x1.gif
68 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cujjtcwp&e=1971603729092
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:19 +0100
server
ADITIONSERVER v1.0
etag
7180654628468165391
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame FB2B 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame FB2B 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=92395689689&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame FB2B 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0d0d9903f54b242d364aa4832e6facab12b51e57936d3d6715433a8c3025c61e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1d1c489a-9c0f-43e4-8c6d-753d9d47abfb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame FB2B 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame FB2B 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FB2B 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438128&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8128527d-914e-47bc-8735-0b670e54abe3&l_pb_bid_id=1243a67c7a31998&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3275350211973227
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a670c8de641721d2f3ab1ae697f9adeb7e6bc24b52c110bf1c00f2235a1c61c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame FB2B 		37 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221382636496b489c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438128%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438128%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214597a57317e5e3%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%228128527d-914e-47bc-8735-0b670e54abe3%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22a5cae8a5-a971-4a7c-ab9d-fac437e06dcd%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2838178a12207a5cb78e8b8bb3355f41969603d24d64d6355c1161fa630cbd3

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMxvaAZra4hcZZYsyH4tdUnyUj1MjwKIUjX%2BJgkH7N0%2BH8kcoTyyBwxN7euUqL%2Frv40NwcREkFH5yC8SAA52Zek4n5vbZ6K%2FONZnZsVurKGjIKXIJ4dv3iWbwrCGYvU4gcm3xnfo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88782a91f696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 426A 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22100c1d12a9af9d%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438144%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438144%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222b3b462be77667%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22d41d0129-4361-4560-8ebf-2ade736b892e%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%224841938c-bca1-4025-a7be-cb01f17eea92%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0c148036e0413f3fc6010d3c56538b721c7467ce292c979d81f58304ebb8127

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqovcx7Pnp7zpdt7WI%2B8eWv5kW7Dz51Q9GGQPIUrn85vN%2FSdy9KJTo4aGE%2F9am1TYywOgSI%2BjacymjzBrwPYQxPj6E1KzVOUUIF1SBGxjb7YJSNu7t%2F8Btzhbu4Ygp8jn619bXUb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88782b938696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 426A 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438144&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d41d0129-4361-4560-8ebf-2ade736b892e&l_pb_bid_id=4a8c2086f3b189&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7498199830544812
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bee1bcc126188c77c4727e099334505a8ec3397e2ca0ec834ef53a30734e5d89

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 426A 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 426A 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 426A 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=37230336375&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 426A 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5c04b769069e8e2894cd7f9bc90342d74f33e6c8c14b906da380052b30cccc5a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
98ba074a-661e-4bd7-87bd-e8fda8a2db4d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 426A 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
dcmads.js
www.googletagservices.com/dcm/ Frame D573 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame D573 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=395398358634871920&cr=372961557&seg=&st=0&bp=0.00902&pp=0.00902&aaid=&idfa=&ord=1264160094
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame D573 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1264160094&sz=300x250&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
VovVzrMsCiqkviBQeBYrAyUg3xwmI1psO3YWpFD9VDjiOqLufvy9_Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame D573 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220062-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876439.483153,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1432163
it
fra1-ib.adnxs.com/ Frame D573 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKuCvBMLgUAAAMA1gAFAQjWnpudBhDw-NC55ZavvgUYja-4qpOZ7ppWKjYJ8FAU6BN5gj8RRiAgmBGJez8ZAAAAgBSu5z8hRiAgmBGJez8p8FAJJPCaMQAAAEDheoQ_MPmGhQw4mFBA6j9IAlCV4uuxAViezX9gAGix8pcBeL3YBIABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCAyOTQwNzg5LCAwKTt1ZignaScsIDQ4MjM5MzAsIDApO3VmKCdnJywgMTI3MjgyNzIsIDAJKfCacicsIDM3Mjk2MTU1NywgMCk7kgKlBCFEbVpHTndqSWhOUVZFSlhpNjdFQkdBQWduczFfTUFBNEFFQUFTT29fVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkR6aUNNWDk2Z2pfQkFRODRnakZfZW9JX3lRRUFBQUFBQUFEd1A5a0IBCgEBdDhEX2dBZnEycGdMMUFjM016RDJZQWdDZ0FnRzFBZwEiBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsR1VrRXhPalUyT0RIZ0E0Z3dnQVRyMzhVRWlBU1h0c3NFa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJiRXNxUVZJTXhaTlp5ZnVQN0VGGSAYREJCWnFabQECQGJrX3lRVUFBQUJBSGhtM1A5MigABFpCEWfAUEFfNEFXR0JfQUYwTy1JQnZnRjliNnpBWUlHQTFWVFJJZ0dBSkFHQVpnR0FLRUdtcAVeMFp1VC1vQmdTeUJpUUoZgARBUh0MAFodDABoGQxAQzRCZ28umgKZASFYQlpFVmc6KQIoSjdOZnlBQUtBQXgZbVA4NkNVWlNRVEU2TlRZNE1VQ0lNRWsNVAxEd1AxPSQARhEYDEFBQUcRGAxEUVAyHRgASBEYGEFBQUhnQWkuPQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NTY4MdoEAggB4AQB8ASV4uuxAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBferGfoFBAgAEACQBgCYBgC4BgDBBgklKPA_0AboKdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB73YBNIHDQkRKAEmDNoHBggFCWjgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=d3d56e3926c98c389b96ddb6a196d99405db962d
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
ec4ae86f-2b63-4ae5-b9ad-16fd8121af1c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubcid.min.js
sync.serverbid.com/id/ Frame 60A4 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/ss/2001415.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:53:36 GMT
content-encoding
gzip
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
11757
etag
W/"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XzYTMsHOkIuysKEyiQF6HPfUYp8ZIa9h7zULUD_6F52IklGmv8rT-w==
register2.php
synchrobox.adswizz.com/ Frame 60A4 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
27246fd5233d3961a204f605bb713b1c564d1ecb1fcb2f08d44a82be95104280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 60A4 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:00:31 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
54408
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
hg7ECzqylOEnqteXhaOW2tiRqIW3hx1pT-kcvpoFdTLqDhmNrya3rw==
pubcid.min.js
sync.serverbid.com/id/ Frame 5B14 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/ss/2001415.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:53:36 GMT
content-encoding
gzip
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
11757
etag
W/"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lG1yFK_DrZDH6vRhsALsgw9p34jbaHdgv9ThLExzk_RnBZ3MCkKQAA==
register2.php
synchrobox.adswizz.com/ Frame 5B14 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
27246fd5233d3961a204f605bb713b1c564d1ecb1fcb2f08d44a82be95104280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 5B14 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:00:31 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
54408
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
2_TLfAj2VzAzUIIwIpibi7Aii7Htrg0Xw9gYmEtzYm9GHe87nj-X_w==
pubcid.min.js
sync.serverbid.com/id/ Frame 77F6 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/ss/2001415.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:53:36 GMT
content-encoding
gzip
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
11757
etag
W/"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9HJOI1omxFPHkDSpkI_AmJlVK8Nl_nsu7NmLmdz1KDQobiTWs0WhDw==
register2.php
synchrobox.adswizz.com/ Frame 77F6 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
27246fd5233d3961a204f605bb713b1c564d1ecb1fcb2f08d44a82be95104280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 77F6 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:00:31 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
54408
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
WnekCm1-SiBOt3XtBMpLLPpXoaJHSaTTS4pCyzu9mg96_voqxo4HMA==
pubcid.min.js
sync.serverbid.com/id/ Frame 7502 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/ss/2001415.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:53:36 GMT
content-encoding
gzip
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
11757
etag
W/"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9ZHQRKsEOY2X3MqLEuYOzM7xCKYEchEvXPx3uUyYfmFM7x-aMF4P5A==
register2.php
synchrobox.adswizz.com/ Frame 7502 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
27246fd5233d3961a204f605bb713b1c564d1ecb1fcb2f08d44a82be95104280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 7502 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:00:31 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
54408
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
DYnkh5aqFlFxzmCag2woNvRVPymdWzFT_PuVlgwxN4KQnVn4iICumw==
pubcid.min.js
sync.serverbid.com/id/ Frame BF67 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/id/pubcid.min.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/ss/2001415.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:53:36 GMT
content-encoding
gzip
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 13:13:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
11757
etag
W/"6347b683934f37cb70a4ee686f0c036a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
be11Cxd1_GlUcqWaTeWF5UeWtvjUqoJIjgG9SaQ1gEnxhLyRf-thrg==
register2.php
synchrobox.adswizz.com/ Frame BF67 		589 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.167.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-167-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
27246fd5233d3961a204f605bb713b1c564d1ecb1fcb2f08d44a82be95104280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame BF67 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:00:31 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
54408
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
DZIz7PiX-MlUS2DHcR1g6fa3kYAze0TeVd9MtbHEHzvHCeTJKrF8wQ==
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C7D0 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame C7D0 		36 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2239cc018882c009%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438164%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438164%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224ab790ead3aac7%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22aad0e24a-f183-4c1f-b924-b8e07275fa9a%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2249dfac1d-75d4-43d9-9f0e-b9da6f0f3b22%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b628640e10ce4d7ca39b6a5e86e3193994cfbe8da9be73eb1f091a9ca52e37

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F2qwioco7Vv%2FbNtumvWi2xhpyMcjeeNTkhBDbK24z1SR3pr68Y9xMyt%2FXlxXpgnCcl9t4u4zPM4KLCkJmuhMh%2Bd9kiO7epL2nzA7J0FK9NvdAJ4yeUkcUmpJbyFv96gZEnKvJlT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887831a3b696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame C7D0 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame C7D0 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=40188156009&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame C7D0 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e68c94ba3118695b2a5be0bdafe4259bda8db3819d992e6d3d0b1fb537bd352f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ee2c8054-1638-4345-83da-46617cea8059
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C7D0 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438164&tk_flint=pbjs_lite_v7.19.0&x_source.tid=aad0e24a-f183-4c1f-b924-b8e07275fa9a&l_pb_bid_id=12782921b015cb2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4075668266555643
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7129b2c2f1d0c35446d8f54bb6ad6b3df3aaad00ec583809075bc05e1b39eebe

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame C7D0 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame A5F9 		36 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211aaeb984b0439%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438155%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438155%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225b8579e34d5b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22bcb3881c-f359-479d-8895-2ee6186d5896%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22cc50a07e-13b2-419d-a053-b954aca6935b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f750e31f656afbb2606fc24375f9a462ee3cf3523b0d9229ec347743975d754

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP0iyng5UpAmtahtJh%2BZ8Qd3x2FKEeZHcU%2F6oUxU0EBASQnnODPHw%2BCTRv3Q2VSlJrw5KCyF%2BCBiqOyeTXE6fXVbDa%2B52BhhIXuFxCTZhp%2BNtuUYDs5woLxGG5ndh5Djz7PszSfw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887832a65696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A5F9 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438155&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bcb3881c-f359-479d-8895-2ee6186d5896&l_pb_bid_id=4c732111607e88&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.25056087214971123
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
90975213f6b55c1bb1f21fdd580822aad6a37f08f83b960d6520925f03f1dcab

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame A5F9 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=8205369206&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame A5F9 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame A5F9 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A5F9 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame A5F9 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1681d5da1cdde73eb5f43b3a500931754aef711367bf9457c3d7264c29db4d2e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
3d6a505a-29c6-4ffd-a60f-62ba9dc4ae87
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 3A2F 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 3A2F 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3A2F 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438176&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f15e02f1-7ad1-4d5e-a7b2-b635686e9cbe&l_pb_bid_id=61f6f4de25ec24&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19850463169112542
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c23eb13bc4b4ca8a1ed582ec929d59ea58a97937ce955c4a087116c5f26acce7

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3A2F 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 3A2F 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=98022672449&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame 3A2F 		37 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211d91c75d00c7b5%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438176%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438176%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22128822703e545e2%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22f15e02f1-7ad1-4d5e-a7b2-b635686e9cbe%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22e364d47d-6eea-495a-a08e-95938bc12d84%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efab8ac01e647a59c2d270e5b91f6c3206e1d0a84a591759f5f9cdf928a6b33a

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH%2B0MZHcACNYa7c4zoCmWUgydji%2BOrxQtxvPHeHaqlemHc1C0vUqiyIySIgHGC1m1MtkHr6euOCRRFK%2Fml07HFh%2B%2F01FLFdyFulkKvmispYxX5a40T8I5MvcdMSarZ86XxNnM%2BU2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887833a84696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 3A2F 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a90052f90558c28d7f8fea24d57519ebf7f2112786ed3895a66d1ffe56e61a8d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ef54512b-a344-4c28-b7dd-a3fa138e2254
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame D1D0 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D1D0 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame D1D0 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame D1D0 		36 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22752b7f191679a3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438189%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438189%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22872a948a06eb09%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22c21b4cc8-2768-49a9-b4ae-8fbb9fc5540c%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22d2dfbadb-58e5-4259-b4b7-6a098fcf7bcb%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbe970505653155455e5849756ce2d6a7ad36e610ee3efc59ea89babe3c4be9

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvXLR%2BClt3M3U2uSQ90wSrd30HoB4qrp6uoLR%2F1pxTZ36%2FrCjEGfOaGFcnyHc0WB5pZ8yBY2b8KQjpEGrydGfV4LudxAOL69sgMIQWW6AWpD1EyWcK%2BFyb8y0vag1JlAa3g6TkLC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887834a98696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D1D0 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438189&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c21b4cc8-2768-49a9-b4ae-8fbb9fc5540c&l_pb_bid_id=104751f1f44374&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4941238367992107
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c3d9895ded4a312811772562509a770b1d043056128feb424bac73028b9a901b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame D1D0 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=57177577530&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame D1D0 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
678251a3764ea08beb2b99bc4eeaa901a5464eb7dd4c4e25cd75c3d0651249a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
f712f996-af4a-4f58-8ecc-576d36fb9f01
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame BCC6 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame BCC6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787252&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=300x250&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=8202722112698786336&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)406782908[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fyq8V4zQk4D-77vLtcNrYPwAAAIAUruc_Rxz1wmt_5D_H155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521-hFt-AjJo5YaELyH_MEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
69fcc9d00244052d97025770b5460f5be9c06ffbc2ade4a19df9d0ea17e568b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:19 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame BCC6 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220062-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876440.578722,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1432164
it
fra1-ib.adnxs.com/ Frame BCC6 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLWCvRuAlYFAAADANYABQEI1p6bnQYQoMSctdOJ--pxGI2vuKqTme6aVio2CcqvFeM0JOA_Ebvu8u1w2tg_GQAAAIAUruc_IUcc9cJrf-Q_KcfXnlkSoOo_MQAAAEDheoQ_MPmGhQw4mFBAsAlIAlC8h_zBAViezX9gAGix8pcBeIHYBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA5ODExNzAsIDApO3VmKCdpJywgNzg4MjczMCwgMCk7dWYoJ2cnLCAxOTg4NTYyNSwgMCk7dWYoJ3MnLCAyODA4OTA2NTksIDApO3VmKCdyJywgNDA2NzgyOTA4LCAwKTuSArkEITBHa3gzd2pKbzVZYUVMeUhfTUVCR0FBZ25zMV9NQUE0QUVBQVNMQUpVUG1HaFF4WUFHQzlCbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCSnh4QnZ0Y1c2VF9CQWJWYy1MSVBvT29feVFFQUFBQUFBQUR3UDlrQlNETVdUV2NuN2pfZ0FlcVA0UVAxQWJpMlNELVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJbnQyeEp4QUJHQUl0QUFEQVFLSUREZ2llM2JFbkVBc1lBaTBBQU1CQXVnTUpSbEpCTVRvMU16RTU0QU9JTUlBRTFlVHdDWWdFM3VUd0NaQUVBSmdFQWFBRUZNRUVBQUFBQUFBQUFBREpCQUFBQUFBBRMYMkFRQThRUQUMBQF4SWdGeHltWUJhT2EtSVVCcVFWSU14Wk5aeWZ1UDdFRgUkBQEIREJCETdAQmhBeVFVQUFBQ2c1TG5BUDkyKAAAWhUouFBBXzRBV0VpZ1h3QmJuY3ZRbjRCYkx4TzRJR0EwVlZVb2dHQkpBR0FaZ0dBS0VHBWcFASRDb0JnU3lCaVFKBQ8JAQBSCQcFAQBaBQYJAQBoCQcBAahDNEJnby6aApkBIS1oRnQtQWpKbzVZYUVMeUhfTUVCR0o3TmZ5QUFLQUF4AS8NAUw2Q1VaU1FURTZOVE14T1VDSU1FbDkFBDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YEEhnQWlRERDw10R3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4xMjAwI0ZSQTE6NTMxOdoEAggB4AQB8AS8h_zBAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEObNgFAeAFAfAFygH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0AbzA9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB4HYBdIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=579115a9defed35892e9eeb2b78fbaeaa2a9a242
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
2a94ee60-cfe9-4bfd-9418-08b4826f5d7b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2838 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 2838 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=21436668551&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 2838 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cb5676dc6553aa0b6ad29256a7a9d05e9965e36279ff144d39e8ae78eca9c06a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
06c69b17-d9b8-43fd-99e8-6fac1997d4ef
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 2838 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 2838 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2838 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438212&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ca9689b8-beb6-4a56-805b-835958c97ae4&l_pb_bid_id=129d1b8dba88d6f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6398859970836561
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9431eb368f1bbbfa6191163bfe36962e0a971717aac5f0bbe2226334c83a7ceb

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 2838 		37 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22137f4908adbbdaa%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438212%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438212%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22145e7d5b785f5eb%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22ca9689b8-beb6-4a56-805b-835958c97ae4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%222b0bbd85-0314-4227-80a4-6c5a1ebca4c7%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208fc1b7b495d76e6cae80ceaf258ab31b373461c2e7b30c259eed947c599fba

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DouJr2BqxihhlA1PSu34HgPw9IqidwPBJZRRmJnvEjdCDE4CJHfp74Iz0Feng7suhjctgISlYBzt%2B2PEftBp7oH84zSPkyforrpuq%2B6CMsvNITdAicvjDOHd8riwhQgmD%2BxWR9s"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887836ac0696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5373 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5373 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438201&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e8a58a8e-82e9-4fda-a60a-3165ec5026bf&l_pb_bid_id=42aa5e5fde9fd6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.971052292093312
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6736db2627733e99082a904ca8a83248490fa00e852abc884cf6037058c31929

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 5373 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=37957013050&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame 5373 		36 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227dda95d36d279c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438201%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438201%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228b0c053c7eb23%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22e8a58a8e-82e9-4fda-a60a-3165ec5026bf%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22dc76016a-c3bc-467d-a30c-b25121dcb3e1%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ae16d0d80974581d28c0639f38ccec3a977d964f86ce418a32a3c7bada708b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiSkeCClT9N6Wl8k2NNoVaYusM6gmgrAX%2Fto37Nrkqp8WIYoqEvtUvZd6g4KA4Kkidn68%2Bjol3bCBFgGY74ss6jJTT4er06BZjQXU%2FwhR7IhNJtXEQ8NIcHktvmhivenNXteU1nG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887836acc696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 5373 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 5373 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 5373 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3c39622ddc19536adf9b17912f11d621921f6bbefaa53acb110116b6fb4cbed0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8bae227c-762e-4fd7-b79a-75acc7c7b344
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame 2690 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9P0Y_g_urAXQHjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoApCGwmAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_hYA2wjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NTc3NkCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjU3NzY=/bn=93370/clickenc=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
38424de62e089499c2f4b02bf35bc44d331b1f92029d77ad2c8e3a45b63ee966

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 11:07:19 +0100
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
server
ADITIONSERVER v1.0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 75DB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53027
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:19 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271618
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876440.647841,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame DC10 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLIDfBMyAYAAAMA1gAFAQjWnpudBhDG_ozcv7WAugcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeLrZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRWC1ETGdqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM051QURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUUxaZ0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIV9oWUEydzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAa0NJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfBARHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEQoGQURWX0lEEgc0NTA2MTg48gISCgZDUEcBFAQIMW2jARUIBUNQARQACXWiPPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQABUJIFhDT0RFEglMQU1CT18xMzbyAgwKCENQRwkYHADyAgsKB0NQFQ4QEAoFSU8BaggHNzaFNQUhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHBUKCFNQTElUAU0Z4vCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjU3NzbaBAIIAeAEAfAEpaIgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe62QXSBw0VZAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=bddaa7ad74c5b8fc61db986b6e6d9663e8b0a657&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhrrpjho%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhrrpjho%26e%3D1971603729092&
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
eda021d6-b87d-4b58-bd6f-ffeb401d2500
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame DC10 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220054-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876440.604042,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1295414
it
fra1-ib.adnxs.com/ Frame DC10 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhDG_ozcv7WAugcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeLrZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRWC1ETGdqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM051QURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUUxaZ0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIV9oWUEydzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAa0NJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo1Nzc22gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB7rZBdIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=e24a9954e4c56ab92b6ebd44df05d723a1c23889
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
f094581e-0ff9-4927-a38d-f6b06b161af0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1193981/66062622/ Frame DC10 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/rjss/st/1193981/66062622/skeleton.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame DC10 		44 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn361438&cr=388868379&ce=esome_com&pc=AP_278580922&ci=nlsnci1671&am=4&at=view&rt=banner&st=image&cy=1&gdpr=0&gdpr_consent=&r=1765794204
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
KZwJM3kIGrpP8DPqaV8LTvjodrt34EcQ8PWn0vP4NAB5C_LKw24RYQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
1x1.gif
imagesrv.adition.com/ Frame DC10
Redirect Chain
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D
  • https://imagesrv.adition.com/1x1.gif
68 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hrrpjho&e=1971603729092
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:19 +0100
server
ADITIONSERVER v1.0
etag
7180654628468820751
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 975C 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438222&tk_flint=pbjs_lite_v7.19.0&x_source.tid=620334f9-874f-4d12-b528-27ca2f3dbc05&l_pb_bid_id=20f51017d8c53c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6713070877455456
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b94379c33ea47b982956b011a24f2f9593626934ba48672c9e27536ae4355a66

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 975C 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4127a76c62def29a67bbb957424f8d3673475ec78f5a88d71bfad93318e6767b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
231168b5-624e-4c06-9beb-445da43d6858
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 975C 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 975C 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22736b643c000d8e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438222%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438222%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22886753b291bee8%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22620334f9-874f-4d12-b528-27ca2f3dbc05%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2208c9befd-7cfa-4380-85a6-b11a67567e61%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a57b51d158224de383cad30a81fe3e4d3d5436e55d3851045a7f6e0258176

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5gAOtMoa5M6U%2FP2uxqoQy%2BQo%2BnPTNeHXwWGTeZxABjBMSkoksnLd5jqcocJ55IPKjHDQdYclzuMKNopHmL2%2B8m4oPgzj1Tgtn8Zzv%2BeDAzGAslcBdsq9WcwLbv00cWCZTNG70QW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887839afe696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 975C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 975C 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=61717251184&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 975C 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 8529 		122 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
336e9badb32b4ce8c15616c6001d6a21640864ddbcfad231b9ed5dce1a323134

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 17:30:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6398b6d1-1e79f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
43824
Expires
Sun, 25 Dec 2022 10:07:21 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 8529 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876440.625517,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166485
it
fra1-ib.adnxs.com/ Frame 8529 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCn0NGXgqud83UYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBePzFBIABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFsMy01WUFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeU9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYa001Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS14WXEyZzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo2NjI42gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_zFBNIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=e4de142119f63addac31fef0c1df0a5e220d2784
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
7581c8ac-c154-40ab-96f2-4b90d690316a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1193981/66062622/ Frame 8529 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/rjss/st/1193981/66062622/skeleton.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8529 		44 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn361438&cr=388868379&ce=esome_com&pc=AP_278580922&ci=nlsnci1671&am=4&at=view&rt=banner&st=image&cy=1&gdpr=0&gdpr_consent=&r=1506152646
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
1o4H4D67sijUz3YXFlITy-cYMl_-XfMavSUgG0wEZaiTOiWvqTfubQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
1x1.gif
imagesrv.adition.com/ Frame 8529
Redirect Chain
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D
  • https://imagesrv.adition.com/1x1.gif
68 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rrurktyjt&e=1971603729092
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:19 +0100
server
ADITIONSERVER v1.0
etag
7180654628469017359
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame A931 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dicavjgt%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=759780.1377941741
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876439.dop139.fr8.t,1671876439.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=466
Accept-Ranges
bytes
translator
hbopenbid.pubmatic.com/ Frame BD25 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BD25 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438231&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9e971133-acf3-40c4-84e4-a1fcc7981b1d&l_pb_bid_id=489df0474e801&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5457122316484244
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0c319ddafd80f6d455f301e3dd9953f167469dd153443e552abad9809c42d18f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame BD25 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=16175955484&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame BD25 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame BD25 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame BD25 		37 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211b38cab5aefd6d%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438231%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438231%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22121cc042ed827d5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%229e971133-acf3-40c4-84e4-a1fcc7981b1d%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2205cc327f-9cd0-4aa0-a98c-3bd1cf7b7291%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
616a4a2317038317d7b89f28ed96e829bc7cf244aa3fc3685207dc23ff41accc

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aA7pk7boZgoUL24eT7puHJIfD9gbwYFFR7V6anLyR948CcLDX62FYXKUIX8Z%2F5k6HrWDOUE9mh%2Fk2xDJ1RHeZmOc09SUSjJdXvKM%2FOlvtmGsAO5Ni32RcyPfclqFAeq%2BApx1HwIL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88783bb25696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame BD25 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a46f5a91c8430fc5bed35eacb842cbed70e5acc34bb6f7e6f97fc793a165e316
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1e09cecd-d899-4e68-a938-ac8c2f994843
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame 9393 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dybwpafwce%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=524893.7704190068
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876439.dop133.fr8.t,1671876439.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=466
Accept-Ranges
bytes
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame 90BF 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Defljs%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=273351.3404336505
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876439.dop231.fr8.t,1671876439.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=466
Accept-Ranges
bytes
banner
ad4.adfarm1.adition.com/ Frame CC5B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9PzzsOzqF2igtjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAyyFXpQAAAAA./bcr=AAAAAAAA8D8=/cnd=%219BZB2AjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYzMECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2MzA=/bn=99395/clickenc=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
0b0c87679bd61b258e7ec182a6419a8fdaa370c440c19574fd4705579c1f1962

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 11:07:19 +0100
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
server
ADITIONSERVER v1.0
async_usersync.html
acdn.adnxs.com/dmp/ Frame CF04 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53027
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:19 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270931
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876440.678287,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame B800 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLIDfBMyAYAAAMA1gAFAQjWnpudBhC82O_R09C2lC0Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMOIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFrbjhGV3dqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZek1PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYbU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBITlCWkIyQTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfBARHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEQoGQURWX0lEEgc0NTA2MTg48gISCgZDUEcBFAQIMW2jARUIBUNQARQACXWiPPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQABUJIFhDT0RFEglMQU1CT18xMzbyAgwKCENQRwkYHADyAgsKB0NQFQ4QEAoFSU8BaggHNzaFNQUhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHBUKCFNQTElUAU0Z4vCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjY2MzDaBAIIAeAEAfAEpaIgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfDiAbSBw0VZAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=76afd6dd7a3d386a5fbb6dd4eb63ccf16d663587&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhmvbpoai%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhmvbpoai%26e%3D1971603729092&
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
66820ba4-6fb6-4001-95a4-7f372e919fe6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame B800 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220062-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876440.645631,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1432165
it
fra1-ib.adnxs.com/ Frame B800 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhC82O_R09C2lC0Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMOIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFrbjhGV3dqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZek1PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYbU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBITlCWkIyQTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo2NjMw2gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8OIBtIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=0840faf76275c071da715622602648d07ad55da4
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
3298b134-a240-4924-b468-be76a578f805
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1193981/66062622/ Frame B800 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/rjss/st/1193981/66062622/skeleton.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame B800 		44 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn361438&cr=388868379&ce=esome_com&pc=AP_278580922&ci=nlsnci1671&am=4&at=view&rt=banner&st=image&cy=1&gdpr=0&gdpr_consent=&r=290232852
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
b0i9sYEOWuVJXV_JMvnn7falh52_in2iepo4CalhVkcxRfGeaMEduw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
1x1.gif
imagesrv.adition.com/ Frame B800
Redirect Chain
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D
  • https://imagesrv.adition.com/1x1.gif
68 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hmvbpoai&e=1971603729092
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:19 +0100
server
ADITIONSERVER v1.0
etag
7180654628469345039
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame DC41 		36 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2216b29d4f0bf186%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438240%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438240%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f653e5219e9d5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22f811e2ee-7d67-4fbd-84eb-3f39a62a3851%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22c690b640-e96f-403b-b566-5fce4f677461%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15aa6a4a76d8a15a3b33c1b8aadf1bd5f3ca4586ff840f8b49aad4ed209f4a47

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1cpeveExTLaJ13jmNiq2f875r6k1JrT%2FhS2ybNaEW7sFg4WsRcmVMehx3qybpmboA0GwGe4g76%2FIvtXmj8wtfYQAu0muAFTuoU3aRqzF1rLvH0iZxR6Fw9vZjUPXXt4%2FjA8XRyo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88783db65696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame DC41 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eabcc9748981077e9ff24a067112f56e07d07e272d65ea31e5c3eba1bc6decbf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
57d99c51-04bc-4234-9b10-697ab8816b4b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame DC41 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame DC41 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame DC41 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame DC41 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=73767765615&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DC41 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438240&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f811e2ee-7d67-4fbd-84eb-3f39a62a3851&l_pb_bid_id=14738ceb1d56f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.517345701875864
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
872e2f6dd758da5494fe038356b9a16a0487971b3d028174bf8af9154dd8354f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame FF5F 		171 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame FF5F 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame FF5F 		137 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aa0e39885bc8fae60b78e3e7a78a964b43166b1d3c6588b433ce73f8fb7da315
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
bc273272-da54-4815-8456-f7f8b5643ff5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame FF5F 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=39390230262&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FF5F 		416 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.domain=forward.com&tg_i.pbadslot=%2F21671350435%2C22712312433%2F728x90-forward.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3b2ca01d-d262-4c4f-863f-da8e8e661f43&l_pb_bid_id=10b7ab90139c5a4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8869219492511131
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e7e0b42b5c96a9f90275de9194b3dcd1cc31b13f62a26b2692069f1898b1e6b4

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
shb.richaudience.com/hb/ Frame FF5F 		4 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:12 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame FF5F 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame FF5F 		37 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22156dcc2ee971567%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F21671350435%2C22712312433%2F728x90-forward.com%22%2C%22adunitcode%22%3A%22%2F21671350435%2C22712312433%2F728x90-forward.com%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221608ca02540b64b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223b2ca01d-d262-4c4f-863f-da8e8e661f43%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22fda3daf7-3374-433d-8037-56adba3bcd24%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d582ae0cd2acd6357994ccf36a4151d46d233dfbce7834ed9f5c43f2be4ab04f

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxpIlLee8BHXHAuNa2yfJ%2BcVWhEc%2BRSQlwwAT%2BQNhW4fk%2BmkqPtlG7dYVIdd98aHiwNJC1rB5TjOVaame83Iwhbw3mt9hmJIA8u%2FK81EleqEVPryJ2ipeqek%2F3psTOpPQhxiyuBJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88783fb8e696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame 9936 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhxphinku%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=861478.9890703169
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876439.dop144.fr8.t,1671876439.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=466
Accept-Ranges
bytes
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame 96B2 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dajdxfouger%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=599051.2576137336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop107.fr8.t,1671876439.cds251.fr8.shn,1671876439.dop107.fr8.t,1671876439.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=466
Accept-Ranges
bytes
pbjs
htlb.casalemedia.com/openrtb/ Frame C27A 		36 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22186ef30ec60be8%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438251%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438251%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222292fe2c5a61f1%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2245a0d710-5ca1-4d1b-8d66-4d6d3407b0b9%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%226087f47f-cbb1-47ef-8c19-a61c71b13d2b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570eadf9bd41729ef23431a5b15662c0ca400e3a262137ba1af9f67f6248a6de

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAsssqCbhD4uCFcPCUPZD2CL2CM3wKfOKuphznG6KksZ65k9ewg6H0xjdogBpwN72prjPZe9RsVBaWB71hr9Dx%2Fw%2BnTlO99DTma4bB7dlrWbLmHB%2BrtvX7cQUplRo9VO185q2bXp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887844c17696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C27A 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame C27A 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C27A 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438251&tk_flint=pbjs_lite_v7.19.0&x_source.tid=45a0d710-5ca1-4d1b-8d66-4d6d3407b0b9&l_pb_bid_id=816b566c53a03&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7895963330786815
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d3d13019705a204cd1ed08035642a2f8e6b6e95319a83fa5c3d9b5f149994779

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame C27A 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=61758215283&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame C27A 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame C27A 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4bd0d1405ce2208fe32f72de67c02e3ea0281c7c371b535713d0c21fd3ee5b61
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
71044ab7-3fac-4174-9194-e59ca8fe7551
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 8D61 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 8D61 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=51670357057&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 8D61 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 8D61 		35 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227b1b30540f214%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876438257%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876438257%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228e46cb795ce55b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22abd738d6-5d89-4b4d-9e28-3ee121d33578%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22ac00e1f2-352b-4ac2-a1b0-3bf28d7c622b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe13ca84e8dfde72b1eb2cd873e53a03423b06b0932e5870dfb368837db49730

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC%2FWD5okIEkT8JDrLnCfHqdh92wa75JOL8ukU0ITx1zzbnpsfpIG1NGfblYz77mNSKTGYWRHWqttVGgqZnO2Tkmjvwjc7dqL2S6dWIUiu3DJBfKGQsWbQWhUt5ex%2Bow5TJyB%2F7gK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887845c41696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8D61 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 8D61 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ae5b181c9dbaae751bb30bfd96f9ea0ca1faf7693522e65ca0105b15c53bfdcb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
2a77aae0-0f60-43c3-8d53-748df7d5f11e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8D61 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876438257&tk_flint=pbjs_lite_v7.19.0&x_source.tid=abd738d6-5d89-4b4d-9e28-3ee121d33578&l_pb_bid_id=14a7f07e970d635&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5310076048024064
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
270fa492a92f3da18b4a1747a763911c1b7d8985680bb0d33d139e4d88de3ea3

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M5T63K49VC&gtm=2oebu0&_p=2095372866&cid=550322770.1671876434&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671876434&sct=1&seg=1&dl=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&dt=Congressman-elect%20George%20Santos%20lied%20about%20grandparents%20fleeing%20anti-Jewish%20persecution%20during%20WWII%20%E2%80%93%20The%20Forward&en=page_view&_ee=1&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M5T63K49VC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900010.redintelligence.net/ Frame 3B7F
Redirect Chain
  • https://hal900010.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900010.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fforward.com&random=5930284631568&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Protocol
HTTP/1.1
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ad61ed6eab59daa00c840b4dd1ad8cf1114d3fb3d264ba2f546bf37453334100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
44963500034056600951421012183010
Connection
close
Content-Length
1266
Expires
Sat, 24 Dec 2022 10:07:20 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fforward.com&random=5930284631568&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:19 +0100
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://forward.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://forward.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 24 Dec 2022 10:07:19 GMT
server
ATS/9.1.10.25
cookie_sync
prebid.bidstreamserver.com/ Frame 2249 		1 KB
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/cookie_sync
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
498035805511a869c5da90a505ea08bf76cfe928e3a47cd6002bd454b0a37a81
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
prebid.bidstreamserver.com/openrtb2/ Frame 2249 		268 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/openrtb2/auction
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
4817d7f4210c208325573ab8d3f53c574462c584e439bbbc1be6d1fc3979628a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
server
nginx
x-prebid
pbs-go/unknown
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
translator
hbopenbid.pubmatic.com/ Frame 2249 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2249 		276 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23684&site_id=435482&zone_id=2492270&size_id=2&rp_schain=1.0,1!bidstreammedia.com,637,1,,,&eid_pubcid.org=6f087773-b138-4697-9406-4a3911f5ba37%5E1&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.pbadslot=SW_-_forward.com_728x90&tk_flint=pbjs_lite_v7.16.0&x_source.tid=30329d57-1d78-4b47-b0a0-9d162f3f498d&l_pb_bid_id=12f4cc0827616e4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=SW_-_forward.com_728x90&slots=1&rand=0.9608151460468173
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ed18bc1b9a4257617b0a4f0f0a2e4714f5e4fc204390c06d56ebc1c50a00ad33

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
276
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2249 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f9a65f7d0654f1a89f101fc189fc5e7876b466ecc0b3daced8ccc63044a382cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
9a8f0251-915c-4e61-8b64-b7c0085a30c6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 2249 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5f8423431189ca7e761037939f5d8dc918ed733501d55a880c338cb4c95cba34

Request headers

Referer
https://forward.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
content-length
66
v1
prg.smartadserver.com/prebid/ Frame 2249 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame 2249 		24 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6f4af11747c01a00d372662ac9e748708fc821a07542e97ebd7ce7b5d1f9fd38

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://forward.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://forward.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://forward.com
access-control-max-age
600
age
0
content-length
0
date
Sat, 24 Dec 2022 10:07:19 GMT
server
ATS/9.1.10.25
cookie_sync
prebid.bidstreamserver.com/ Frame B945 		1 KB
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/cookie_sync
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
cb0dceddf8bf9874cb5d2008b17c9acaec367feedfda2b9a88d1e3bbc1667694
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
prebid.bidstreamserver.com/openrtb2/ Frame B945 		270 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/openrtb2/auction
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
fd41e599ae317daad4f95bddf6326bd7c660229ff13817c84551a9774395a7f8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
server
nginx
x-prebid
pbs-go/unknown
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B945 		276 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23684&site_id=435482&zone_id=2492270&size_id=2&rp_schain=1.0,1!bidstreammedia.com,637,1,,,&eid_pubcid.org=6f087773-b138-4697-9406-4a3911f5ba37%5E1&rf=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.pbadslot=SW_-_forward.com_728x90&tk_flint=pbjs_lite_v7.16.0&x_source.tid=87a6fd9b-6dc6-4285-9173-1b51de4ec659&l_pb_bid_id=1085bd069b15fe9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=SW_-_forward.com_728x90&slots=1&rand=0.4050602561348067
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ad4a1a74e12f78bc85fdcec12ec0bdd7e660991ec0ede5a7c3c294467b97047f

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
276
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame B945 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame B945 		24 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7999aacf3c911d4d85d33491b144590fbdbf7882852b01ea84b10b2e82301038

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://forward.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bidRequest
c2shb.pubgw.yahoo.com/ Frame B945 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d6db51dde821787b0874c49cc45668b2d8068e9990f939dddba89e49eab36884

Request headers

Referer
https://forward.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
content-length
66
translator
hbopenbid.pubmatic.com/ Frame B945 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame B945 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
65f5d9a031d4e6a60aadaba1eca2b36e6ba774fcbaa8b3e76c376650e10ac026
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
a74bb73a-0c9b-4e7d-9459-f751f131f606
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame 9A69 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 9A69 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787252&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=300x250&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=7452539783848812721&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)406782908[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc_R8XGl-xq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX-gjJo5YaELyH_MEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
d2c072cd7d1a1853765e42579432855238d399ddac4e07ac399175ed31539a4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:19 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 9A69 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220062-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876440.800018,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1432167
it
fra1-ib.adnxs.com/ Frame 9A69 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLSCvQhA1IFAAADANYABQEI1p6bnQYQscGZ1quur7ZnGI2vuKqTme6aVio2CZJqznA7FOA_ESJTu1PYwdg_GQAAAIAUruc_IUfFxpfsauQ_KRMPKJtyheo_MQAAAEDheoQ_MPmGhQw4mFBAsAlIAlC8h_zBAViezX9gAGix8pcBeMzYBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA5ODExNzAsIDApO3VmKCdpJywgNzg4MjczMCwgMCk7dWYoJ2cnLCAxOTg4NTYyNSwgMCk7dWYoJ3MnLCAyODA4OTA2NTksIDApO3VmKCdyJywgNDA2NzgyOTA4LCAwKTuSArUEIUIyZ09SZ2pKbzVZYUVMeUhfTUVCR0FBZ25zMV9NQUE0QUVBQVNMQUpVUG1HaFF4WUFHQzlCbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCQXZkeVRjVDk2RF9CQVd1S2h6OXpoZW9feVFFQUFBQUFBQUR3UDlrQlNETVdUV2NuN2pfZ0FlcVA0UVAxQVJ6dVJ6LVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJbnQyeEp4QUJHQUl0QUFEQVFLSUREZ2llM2JFbkVBc1lBaTBBQU1CQXVnTUpSbEpCTVRvMU1qazQ0QU9JTUlBRTFlVHdDWWdFM3VUd0NaQUVBSmdFQWNFRUFBQUFBQUFBQUFESkJBQUFBQUFBQUFBQTJBUUE4UVFBQUFBQUFBQUFBSWdGc2ltWUJhT2EtSVVCcVFWSU14Wk5aeWZ1UDdFRkFBQUFBQUFBQUFEQkJRQUFBQUFBQUJoQXlRVUFBQUFBTGFuQVA5RUZBQUFBQUFBQUFBRFpCUUFBQUFBQUFQQV80QVdfaHdYd0JibmN2UW40QmJMeE80SUdBMFZWVW9nR0JKQUdBWmdHQUtFR0FBQUFBQUFBQUFDb0JnU3lCaVFKQUEJxgxBQUFSAQUNAQBaDQgBAQBoAQUJAVRDNEJnby6aApkBIUFCSVgtZ2pKbzVZWTkoSjdOZnlBQUtBQXgJMQUBYDZDVVpTUVRFNk5USTVPRUNJTUVsSU14Wk4lBQQxRQUlBQEERmsFBwUBAEcdGABHHRgASB0YEEhnQWlRERDw10R3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4xMjAwI0ZSQTE6NTI5ONoEAggB4AQB8AS8h_zBAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEObNgFAeAFAfAFygH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0AbzA9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8zYBdIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=b5d217bc02f0e9da050af6658635a2a26c1a7954
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
4349fefa-4398-4e1b-bbcd-8e3a27910573
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame CE34 		122 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
336e9badb32b4ce8c15616c6001d6a21640864ddbcfad231b9ed5dce1a323134

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 17:30:57 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6398b6d1-1e79f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
43824
Expires
Sun, 25 Dec 2022 10:07:21 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame CE34 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876440.810343,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166486
it
fra1-ib.adnxs.com/ Frame CE34 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCplq23j4OHvCcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMmGBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRbjktTEFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpVME5lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUk01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS1SYWUyUTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAVUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkMR0c0SDFlADIdGABIHTAMSGdBaUWhAQHw10R3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMTY5I0ZSQTE6NjU0NdoEAggB4AQB8ASb0ra5AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfJhgbSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=dddf42c511fd6792a7099667b02fb97035e818b3
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
ad170308-1e38-4b0d-aab0-b2ac74df2eaa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1193981/66062622/ Frame CE34 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/rjss/st/1193981/66062622/skeleton.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame CE34 		44 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn361438&cr=388868379&ce=esome_com&pc=AP_278580922&ci=nlsnci1671&am=4&at=view&rt=banner&st=image&cy=1&gdpr=0&gdpr_consent=&r=55309941
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
zYziNrODHKLHi1kRh8hjF-_VqhJvZappdWQ42LPz8lsQ-F9JVt1vfg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
1x1.gif
imagesrv.adition.com/ Frame CE34
Redirect Chain
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D
  • https://imagesrv.adition.com/1x1.gif
68 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=glwywkm&e=1971603729092
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:19 +0100
server
ADITIONSERVER v1.0
etag
7180654628472556303
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame A4FA 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame A4FA 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=3973708468614784229&cr=240739685&seg=&st=0&bp=0.00965&pp=0.00965&aaid=&idfa=&ord=1942765584
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame A4FA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1942765584&sz=300x250&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
W_F4fxHxueAk60nlQgeEX8Ipud8IKiVCflzjqSo13d0uIlf0te3DdQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame A4FA 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575126
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220054-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876440.822717,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1295416
it
fra1-ib.adnxs.com/ Frame A4FA 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKoCvBMKAUAAAMA1gAFAQjWnpudBhDlyfuFx9nckjcYja-4qpOZ7ppWKjYJpk5AE2HDgz8RinaU0Wh1fT8ZAAAAgBSu5z8hinaU0Wh1fT8ppU4JJPCBMQAAAEDheoQ_MPmGhQw4mFBA6j9IAlDlyuVyWJ7Nf2AAaLHylwF4rIgGgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDQ4MTkzNjksIDApO3VmKCdpJywgNDgyNDc0MRUULGcnLCAxMjczNDk3MRUVMHInLCAyNDA3Mzk2ODUFFvQXAZICpQQhSDJ0cVF3aTkzTlFWRU9YSzVYSVlBQ0Nlelg4d0FEZ0FRQUJJNmo5US1ZYUZERmdBWUwwR2FBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRSFBFS0RWX01HRFA4RUJ6eENnMWZ6Qmd6X0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCcGIybUF2VUJ6Y3pNUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TmpZeU1lQURpRENBQklmcnhRU0lCTmJ3eXdTUUJBR1lCQUc2QkJvSWhRUVJBQUEBmhBBMEQ4WgUJCQEcZ2dzYUxEc0URrRRBMERfSkIJHAUBFDJBUUE4URHZYEFBQUlnRjNUT3BCVWd6RmsxbkotNF9zUVUBGgkBGE1FRm1wbVoBAhB1VF9KQgE7HEVCN3NyZ18wLigACE5rRgkxyEFBOERfZ0JjVUg4QVg3bzRrRy1BV3BrNllDZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbQVeMG01UDZnR0JMSUdKQWsRSwhBQUIVywxBQUJrGRgAQx0YRExnR0NnLi6aApUBIWxoWnFhZzYpAihuczFfSUFBb0FERxltTHpvSlJsSkJNVG8yTmpJeFFJZ3dTAd0BAQxQQV9VEQwMQUFBVx0MAFkRDAxOQV9hEQwMQUFBYx0MEGVBQ0pBERDw9VBBX9gCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NjYyMdoEAggB4AQB8ATlyuVyiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGAAUlKPA_0AboKdoGFgoQBRAdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB6yIBtIHDQkRKQEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=c03dbf243cae674b3f2fe2ec028f4c3cc360d0da
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
fa1b133c-0b6a-41d2-ac18-9efa88f4a948
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame C000 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9P9T9pXhZens-jRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoA9CIGCgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ARfS2wjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NTc3OUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjU3Nzk=/bn=93374/clickenc=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
5333dbab598bc6f3ade782f5791a06dc9817e851453c6296db71b331fabb5cd6

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 11:07:19 +0100
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
server
ADITIONSERVER v1.0
async_usersync.html
acdn.adnxs.com/dmp/ Frame E943 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53027
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:19 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270934
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876440.832479,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 6F84 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoF_BMqAsAAAMA1gAFAQjWnpudBhDU-5fFl8vevT4Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeL7ZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgLpDiFOMjVRbVFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM09lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVNxQktZSENQX19fX19fX19fX193RVFfX19fX19fX19fX19BUmpfX19fX18FIww4QklQBQkJARR3RW9DREQJDAUBCDhCTzIgAARGQQUXDQEIQVVqDQoBAQg4QlU2LAAAWQEWEQEEQVc2WAAAYTYsAAB3ESgBARhBWGdCZ0FIAQsNAQg4Qmk6EAAAazoQACBtQUh3MHBJQm86GAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAIDBBSDVob1VNMjoYAAA0OhAAADY6EAAAODoQABwtQUc1Qm9BQw3hBQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4VAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAQZUFEQU86FAAAZjo0AABmOiAACFlBRSXtDQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUYN-wUBCEFZZzYQAABaOiAAAFo6IACYYklFQ1FpLTZoRVFuOXlrRGJvRUdRanRDQkc0SG9YclViaWVQeGtBoaoFAVRDQy02aEhCQkxnZWhldFJ1SjRfeVFRBRsFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVc2bmV1RUFha0ZTRE3NJAgteEIdOwh3UVUFMgUBCE1rRgEIHG9BdHE2VF9SLigAADIVKMBEd1AtQUZ5d1h3QmF2MmpRbjRCY3lFa3dLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVM0QUFBaEFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFBUmZTMnc6bQcoSjdOZnlBQUtBQXgBZwEBLENFQTZDVVpTUVRFNsVxQFVDSU1FbElNeFpOWnlmdVAxPSwARj1pAEc9gQAyHRgASB0wDEhnQWnlgQEB8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSBzQ1MDYxODjyAhIKBkNQRwEUBAgxGoMIARUIBUNQARQACSKCCDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAVCSBYQ09ERRIJTEFNQk9fMTM28gIMCghDUEcJGBwA8gILCgdDUBUOEBAKBUlPAWoIBzc2EhUJBSEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcFQoIU1BMSVQBTRni8IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMTY5I0ZSQTE6NTc3OdoEAggB4AQB8AQSggogiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe-2QXSBw0VZAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=9c604484f6c30f1f92b00fb459008f59ad3b960e&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dnhlvbl%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dnhlvbl%26e%3D1971603729092&
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
72b9407d-d151-407e-b181-a85238f420f2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 6F84 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575127
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220027-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876440.842569,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1439426
it
fra1-ib.adnxs.com/ Frame 6F84 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKIFfBMiAoAAAMA1gAFAQjWnpudBhDU-5fFl8vevT4Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeL7ZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgLpDiFOMjVRbVFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM09lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVNxQktZSENQX19fX19fX19fX193RVFfX19fX19fX19fX19BUmpfX19fX18FIww4QklQBQkJARR3RW9DREQJDAUBCDhCTzIgAARGQQUXDQEIQVVqDQoBAQg4QlU2LAAAWQEWEQEEQVc2WAAAYTYsAAB3ESgBARhBWGdCZ0FIAQsNAQg4Qmk6EAAAazoQACBtQUh3MHBJQm86GAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAIDBBSDVob1VNMjoYAAA0OhAAADY6EAAAODoQABwtQUc1Qm9BQw3hBQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4VAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAQZUFEQU86FAAAZjo0AABmOiAACFlBRSXtDQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUYN-wUBCEFZZzYQAABaOiAAAFo6IACYYklFQ1FpLTZoRVFuOXlrRGJvRUdRanRDQkc0SG9YclViaWVQeGtBoaoFAVRDQy02aEhCQkxnZWhldFJ1SjRfeVFRBRsFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVc2bmV1RUFha0ZTRE3NJAgteEIdOwh3UVUFMgUBCE1rRgEIHG9BdHE2VF9SLigAADIVKMBEd1AtQUZ5d1h3QmF2MmpRbjRCY3lFa3dLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVM0QUFBaEFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFBUmZTMnc6bQcoSjdOZnlBQUtBQXgBZwEBLENFQTZDVVpTUVRFNsVxQFVDSU1FbElNeFpOWnlmdVAxPSwARj1pAEc9gQAyHRgASB0wDEhnQWnlgQEB8NdEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjU3NznaBAIIAeAEAfAEm9K2uQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBavvSfoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBv8L2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHvtkF0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=b0c88da3c29f5faeb5eab73393b8f1c3b9534a8e
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:19 GMT
AN-X-Request-Uuid
a5ff36b3-c8ed-4dc3-9d8d-526c89e727ff
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1193981/66062622/ Frame 6F84 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/rjss/st/1193981/66062622/skeleton.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6F84 		44 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn361438&cr=388868379&ce=esome_com&pc=AP_278580922&ci=nlsnci1671&am=4&at=view&rt=banner&st=image&cy=1&gdpr=0&gdpr_consent=&r=1796495323
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
-uAtfSfEr7lplSw7JBG8RKaa9osUWwjqgJdpppkl4uUNB4XRiDsqZg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
1x1.gif
imagesrv.adition.com/ Frame 6F84
Redirect Chain
  • https://ad13.adfarm1.adition.com/banner?sid=4317211&gdpr=0&gdpr_consent=&kid=5564120&bid=16870234&wpt=C&ts=%5Btimestamp%5D&prf%5Bcustom_1%5D=%5BCID%5D&prf%5Bcustom_2%5D=%5BGID%5D
  • https://imagesrv.adition.com/1x1.gif
68 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nhlvbl&e=1971603729092
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:19 +0100
server
ADITIONSERVER v1.0
etag
7180654628473277199
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame 3A7C 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsqwwysn%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=673638.9531040796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876439.dop231.fr8.t,1671876439.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=466
Accept-Ranges
bytes
prebid7.19.0.js
hb.adpone.com/ Frame 230D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zzjahlbgrgl&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmQLR9yAmkq6GdlFQmoQ9420V9aDQKnw6Y%2FnSfyp7MZ5iNbyGaTMrjm0D3criUosfY9w1Gf5owLlvQX9W%2FuN3GDDifshIO9nY6h%2FE%2BiNp4iUt6Z2Wl%2BrqdeiN9r67g4sEweIfhhNLV%2FRG1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887851e109022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 9AAD 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=owjeetsg&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1VneH4yNE4TsmtvaoRCVvUDyKZdUVDIgc04eU0svi2RzDw86oElZkVqFs%2FvEbKyirTFsnsEPDn7hFfHbYxPYKKBe3JimRPpWvDc6Gy3IoDZY01%2B0u5YqnBHHVP18GbfSPdpZva9E5GROnA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887852e3e9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A40E 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bczvkhbc&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEokJMaOJdvZzcVVLDzxIHDXTzyJiExiF18q%2Bk%2FiN8pkjS920zBYVFF1Oa4%2BX7xABklxFMLxswurHe3jlttsLCLzINqs7L2dahk9Zn5JsiyA1dpcCZ4SVqsqY5bVKmSUBxPRoHxFQSOYwfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887853e4b9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame E491 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=virowxpvm&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wp4aLgTPGc8jdH4cV5UAU3KpfjvJWos8F0D7JM0o7%2F%2BRige6f42T7Rc54RyMr9JtycBGZNJWGbACQNVUfxV4Yng9qb1EDpE6ssl%2Bp5CwNPiPQlCPbiLXk9khuSaEnu3etl8cRQKJRMhKYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887854e619022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame CFEF 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fcpruxcdav&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww6mqPCXYoy2z9xcXY8HNVrnZsWIB8F2Pss%2FJvtQ17gZIqq0IvA0NZOCu3tJKyePZt2L6mvguKJgs7%2F5FVjyPEDd8WnyAuY2Efk7%2BN5gjBDEMCX4aPjl5P%2FjP%2BzX9rDJHDOV7Kp%2FbG3vuGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887855e7d9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame EA12 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pnscqapml&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ng%2FYjcRFnVh0QQAXDh%2BLvwygRcoTsgXcYlek1D9DsCc2WNOXisB5ZilDRAtQIH0AGqFONUmqNBuXDl92fkSvAGx%2FFioBmjhbJ0xDw%2BUSjESpnHmPW6WHD0S0LbNqNZ8s5ZvdGk8GjzMRG0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887857ea19022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 055A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wslqjeso&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYrF%2FacVN3kvIqO7%2FkLzX16NdB9D2IaM1mSjCkb2%2FLjGo3dHHXbxe2ztoO2Q2UK5Wvow0k8G%2FGg43L4JQ97WRTWSRx3fQa09xdBB0Gr0xJV6J90haDgUEUT7ShrHVF4nJCqXRmwfXhHdmy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887858ebd9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame C47E 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rvrghwgt&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtdCwRcYlIlBEyeJRW7rzam7peWzP6qHHnneElXkMXnN0wlb19JtNhZ7XDwbhxBxsheN1AuROVUpv3td6cl2Wmf50znhjZ81EbwdQAQR9rK2SK0VjeiaOXVOeNmmEPgs1g%2BoxjXCtXCp7j4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887858ecd9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 3A43 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=esmtyaf&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlmQd4MRuq8dTd%2F%2BONRVMXN4yZhWOEbSSsC%2FriG%2FKi6WrZNw9dj8%2FNKg1eCienIicJPLqvjbL2Owu3%2F6%2Bedm43irUOLb8oSJgOfkM%2BCVWi%2BHXM9w7747dqnu5y9Cu80xDPMoKyd2I8sFSd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887859eee9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 0176 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ihyiflzn&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRZug9uuObdljIROkftIzi0x13%2FKfBcSjBc9Me95EZhe21tm5bBkDXA1SN2neWmk5DHmH6ORRhctKIKFaE7BpU%2FdC2zsDAZ3%2BJrCxsj7BVn%2Fcaq1ffjMjw3joJV5snLTN2OBEe7vjjhqzWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88785aef39022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7A82 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wgbkvtvn&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtGhzSrguh2iPTrvhDtw3eYaV8eyFSOVfbl17dNPIAwFZsiygQpNvr7MLEs7xzoGCWYc2Dwa0uK46ULn3OgAfq5ler%2F5IIkpuTglgISTk3jfpHSkVbBMXmAw8biz8G%2BOxaHvJnokVaP0NvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88785bf089022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 018F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gvclp&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiydN3mPLzzO19h9LZjb4fSMYDRGciWM8Oa6pl3RGbRFZ4gcWVyiV0pw%2BWrFk64kUglhkQEPgQoahNfi%2BEIVPPM5qhzIq0D2hX%2Br0D81weeJbkgru%2BKuDRMGNnQOgQhclAJv9%2BeBlyR2KuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88785bf289022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A59C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rdflkmkh&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0f4tzafCY%2FQSeT06hmHnMSO7aadLyeV9jPCv1i7exmX9HKfApdVt2qreae1fgVfCWH4XkJP3TJ609ESEo8jSJQ9TGInQUEL4cAJqdKdclYdpIIiBcpRV5BPhoFOBYf8Ovh8sQTXb2Qyj%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88785cf599022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A690 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zltxliabk&e=1895969627920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3238
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2w9ynipWySWtED5pJMexHwlkiPG2XwX6AkMdqDOZAx2%2BbHaMICzK%2BUa7NEtoUoG08jYj90nwR8%2FxVMJFGdGJkPaDf5MEaTTisTYyxupuwFYG32CMmYqLdrXDXKgQnV7QPXkNjpCh1WNDZbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88785efb39022-FRA
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame B5EE 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=17801719_AYGOX_PR_INFRA&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgsuhtufxa%26e%3D1535582086632&ft_keyword=17801719_AYGOX_PR_INFRA&gdpr=0&gdpr_consent=&cachebuster=933695.9180746984
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:19 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876439.dop231.fr8.t,1671876439.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=466
Accept-Ranges
bytes
setuid
prebid.bidstreamserver.com/ Frame 0421
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
0
pragma
no-cache
server
nginx
vary
Accept-Encoding Origin
x-frame-options
DENY

Redirect headers

cache-control
no-store
content-length
0
location
https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
setuid
prebid.bidstreamserver.com/ Frame A9C1
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
0
pragma
no-cache
server
nginx
vary
Accept-Encoding Origin
x-frame-options
DENY

Redirect headers

cache-control
no-store
content-length
0
location
https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame B311 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB0F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157700
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame FFE3 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:f400::4 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AamW8orhZn//BAsBAA
x-77-nzt-ray
bcd92b1f0f00aadd58cfa6630bc4e10e
x-77-pop
zagrebHR
x-accel-expires
@1672844884
x-age
68356
x-cache
HIT
rid
match.adsrvr.org/track/ Frame 60A4 		63 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ae4f9786606dd99b88bedfb8432b47789670032cf7cf67793b02031e98fdbf27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:20 GMT
pixel
ap.lijit.com/ Frame 60A4 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Dec 2022 10:07:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 60A4
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5107433825725154417
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5107433825725154417
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5107433825725154417
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 60A4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltoKc%2FOYpkazNq6EfVOoA6Oz6ehTR7YoCdSt4KbbNk0A6einAe9g8W92apKTjM8qr8LaV7zQYuc37jZJWkA9piHfK%2FDwG6rGmraCuPbssLhGMEAKt3tHA%2BkRo%2BTjcTq%2FKWQ6FgCzhqvzRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
cache-control
no-cache
cf-ray
77e8878a28219a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame 60A4 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lndo86bfbkjcn6r5mjphlfi325s0b2l5
usersync
x.serverbid.com/ Frame 60A4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9e0884e0-3738-448e-a97e-df19330e6990
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 60A4 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-196
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
ap.lijit.com/ Frame 5B14 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Dec 2022 10:07:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5B14
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5134455420373653959
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5134455420373653959
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5134455420373653959
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 5B14
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
35 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmeBlc5YySeNv2EuCf1b0kdLHwp6j4w%2BTnKvm54Mj%2FYBARBY16wJ6hM%2Fn08Cwh%2FrvLvi6rtwjbLEim2daQtBMdA2F8OjWOMOdIoKsVueL95IHBX0fGqTZIstqrab8jqI9XS39AkPTfmVrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
cache-control
no-cache
cf-ray
77e8878a281c9a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame 5B14 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
acp3u51lqrf1seis2hjibrfi292hci5q
usersync
x.serverbid.com/ Frame 5B14
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a575a208-1dc7-4f9f-8901-9c8bf3d78a2a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 5B14 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-107
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/usync/ Frame 893C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 36A3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157700
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame 636E 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:f400::4 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AamW8oqUs/v/BAsBAA
x-77-nzt-ray
bcd92b1f0f00aadd58cfa6632308f80e
x-77-pop
zagrebHR
x-accel-expires
@1672844884
x-age
68356
x-cache
HIT
rid
match.adsrvr.org/track/ Frame 5B14 		63 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ae4f9786606dd99b88bedfb8432b47789670032cf7cf67793b02031e98fdbf27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:20 GMT
000002447532.gif
imagesrv.adition.com/banners/273/files/00/25/58/ac/ Frame 9CB5 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/273/files/00/25/58/ac/000002447532.gif
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9Pwoi-xNfWQYwjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAoiDSQgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-hbj2QjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYxOECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2MTg=/bn=99364/clickenc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e3d228f21c1416847a787052cadbac5df6182bb7b5fb185d4edbf9dc225e5ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Tue, 04 Oct 2022 07:30:36 GMT
accept-ranges
bytes
etag
"2700043250"
content-length
2096780
content-type
image/gif
pixel
ap.lijit.com/ Frame 77F6 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Dec 2022 10:07:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 77F6
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5109685625407808779
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5109685625407808779
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5109685625407808779
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 77F6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbL62VwKbRCoNgT8p0qfxZ%2FOrqSR%2Bl7eMMahguwTy6oZaeUVpLXw9O2OcVxjxc8Qp%2FYKVEX%2BFV62sjByt1hke0kv0N98%2F9pirRVFAwpl1GKHFrtgpQM6Kjz2R76zR3adbZ1IDM9aIgYE2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
cache-control
no-cache
cf-ray
77e8878a28239a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame 77F6 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3oijaufjnljj3i39o08gv69ib4qbumbr
usersync
x.serverbid.com/ Frame 77F6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
14ba2f90-fc88-43f8-81d2-5164a553d017
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 77F6 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-36
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/usync/ Frame A8A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57FA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157700
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame A5BD 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:f400::4 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AamW8oqNsKD/BAsBAA
x-77-nzt-ray
bcd92b1f0f00aadd58cfa66304561d0f
x-77-pop
zagrebHR
x-accel-expires
@1672844884
x-age
68356
x-cache
HIT
rid
match.adsrvr.org/track/ Frame 77F6 		63 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ae4f9786606dd99b88bedfb8432b47789670032cf7cf67793b02031e98fdbf27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:20 GMT
pixel
ap.lijit.com/ Frame 7502 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Dec 2022 10:07:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 7502
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322324289821878
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322324289821878
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5124322324289821878
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 7502
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsjMdwZ1I4PCB4E0kIXQfvt%2B%2B9E3NumLYGW0WgVZZZjUlkFkeG4TOQaSIVbMlfa3UZDGTkKHgbHQfyAfnuqxUy2D%2BHDqMBDXC1Oq8iJO2TwKA4vQZlkf%2BDowPU6Zno31%2FzAro3TuRmNk9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
cache-control
no-cache
cf-ray
77e8878a28289a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame 7502 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
c2s3q2o6bi56airso5jg9g6gebalrq8d
usersync
x.serverbid.com/ Frame 7502
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
044ec5c8-8f72-488d-8bbe-d5eaa8f1e2b6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 7502 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-29
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/usync/ Frame D0FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCBA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157700
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame BC6E 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:f400::4 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AamW8oq/Y0//BAsBAA
x-77-nzt-ray
bcd92b1f0f00aadd58cfa663138f1e0f
x-77-pop
zagrebHR
x-accel-expires
@1672844884
x-age
68356
x-cache
HIT
rid
match.adsrvr.org/track/ Frame 7502 		63 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ae4f9786606dd99b88bedfb8432b47789670032cf7cf67793b02031e98fdbf27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:20 GMT
pixel
ap.lijit.com/ Frame BF67 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Dec 2022 10:07:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
i.gif
e.serverbid.com/udb/9969/sync/ Frame BF67
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5109685625407808780
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5109685625407808780
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5109685625407808780
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame BF67
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoLG5X2h370rgIJMnk3n%2BhcH%2Fj%2FpNNkp2KTcrVyupbUACjixY%2FVYYcDrSVATxotqGxsJUEmo%2B2bqQso3J1JUESGHHbDxIIlJMVXJjp6ncTaJyE11NeMuVa%2FWtH2vbrbf6mCk9sK1puXNgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y6bPWOa4eXFjFoTtryyD1wAA%261203
cache-control
no-cache
cf-ray
77e8878a28269a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame BF67 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
br7nuktn4uisah7ffq52bitos6e2codt
usersync
x.serverbid.com/ Frame BF67
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a97b9fc3-2640-418a-b59e-70c8c1e6b8bb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame BF67 		0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-9
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/usync/ Frame FAA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB04 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157700
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame EBA1 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D6227%26spui%3D%26dpui%3D%7B%7BVID%7D%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:f400::4 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AamW8oqvA7b/BAsBAA
x-77-nzt-ray
bcd92b1f0f00aadd58cfa6633a560b0f
x-77-pop
zagrebHR
x-accel-expires
@1672844884
x-age
68356
x-cache
HIT
rid
match.adsrvr.org/track/ Frame BF67 		63 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ae4f9786606dd99b88bedfb8432b47789670032cf7cf67793b02031e98fdbf27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:20 GMT
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 8B6D 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=638&fcid=950&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=41201069&millis=20221224050716&hb_request=98989297&hb_error=decline&friendly=friendly_41201069&language=de&pvid=82898819&resolution=1600x1200&txid=29916087&frcn=0&sid=8&sver=1&tagid=ad-15977849&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
00bfb75d3e2d5a0fc71008fcb688b6d42b8fe4db2024b6de74f577254e5a45b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
media
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame A6EE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/media?mid=0&cid=950&pid=0&zid=638&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=16954618&millis=20221224050716&hb_request=63491654&hb_bidder=appnexus&hb_cpm=0.0126&hb_adid=22e08c8cde22646&hb_dealid=null&hb_size=300x250&hb_async=ad-83406151&language=de&pvid=82898819&resolution=1600x1200&txid=79877780&frcn=0&sid=8&sver=1&tagid=ad-83406151&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
ddc69579d30a86d336e8bde0f848786b96e8ac5e93c3694a85765786eac520ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
000002447532.gif
imagesrv.adition.com/banners/273/files/00/25/58/ac/ Frame 2690 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/273/files/00/25/58/ac/000002447532.gif
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9P0Y_g_urAXQHjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoApCGwmAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21_hYA2wjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NTc3NkCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjU3NzY=/bn=93370/clickenc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e3d228f21c1416847a787052cadbac5df6182bb7b5fb185d4edbf9dc225e5ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Tue, 04 Oct 2022 07:30:36 GMT
accept-ranges
bytes
etag
"2700043250"
content-length
2096780
content-type
image/gif
000002447532.gif
imagesrv.adition.com/banners/273/files/00/25/58/ac/ Frame CC5B 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/273/files/00/25/58/ac/000002447532.gif
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9PzzsOzqF2igtjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAyyFXpQAAAAA./bcr=AAAAAAAA8D8=/cnd=%219BZB2AjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYzMECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2MzA=/bn=99395/clickenc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e3d228f21c1416847a787052cadbac5df6182bb7b5fb185d4edbf9dc225e5ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Tue, 04 Oct 2022 07:30:36 GMT
accept-ranges
bytes
etag
"2700043250"
content-length
2096780
content-type
image/gif
banner
ad4.adfarm1.adition.com/ Frame 3444 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787253&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=0&wi=237375833&ac=1&kw=%5Bmtp%5D%28cid%29406782912%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=728x90&prf[paappid]=&prf[paauction]=4295564537913537761&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787253&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=728x90&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=4295564537913537761&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)406782912[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8_Rxz1wmt_5D_H155ZEqDqP-H0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD_AjJo5YaEMCH_MEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
274d3c56792eaccb485cc1b8110047cadfe94534cb68c7bb0f2633b54c4d1e78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:20 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 8F0C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lnjwvpico&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlKhrP%2BIPjdRWCLQXpnuBnD%2B4yUkjVxAv2PDNTSVtWD8yVdeodyKbbNtP60raVlUSOQKJqb66TNR%2FiyHJAjb%2BmaSq9%2Fc4owlZYTb3ROMx%2BV0nCksxjSU3eX6diFwV9uKJLdmr5q%2FK%2B1I%2BpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887874a0b9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame DA0F 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sjduzs&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xR6Mx%2FuALLd2qM%2B56yCIStgnSxVJjj1V4EzJFZcUOegsYvdvg2O8wYszP5oRsR6yAWPEwiBpaFR%2FfXOnLDp0qF8v7K3vxxoofnwXt%2FZbKXgjCw%2BOaHdy0A3jWK3b5DVNS%2BaL533VkOOh35w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887876a2e9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 9A73 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gpghfnc&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=najgyQgwOjtvS3rrJC%2B5Vnqb07l2cDPDFLZGQWaoYpM1ADYnaEcAA1p4OSIhJ8yRtk6Ycxer94j8ENdxxx95aCHDdjBabc%2Fwk7EybpSg7yAl2DQ2iidNfe9VvuT2IE1ksm5aDJobqG08yM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887876a409022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 6F27 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gfgafyhya&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdcZ3csNIf4Uy2dshimEtjQwuWCfTXRgzB9%2FB1oTXQOE78E%2B5UR%2FZtFtz4vcebywHMrNUY0czIh431BcVtEOehoeoMDBoZWj%2BN7R20%2BLkcvPujZvC4%2FBUyU02OBoDY8RJ1k63fV7Qp%2Fv%2Fxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887877a569022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 859C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fvvbvws&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZhufhog6Ogcr4C8sauojRIT3hoTrVNtpHdP9joxVd7XEIxgglDCDlvlKgIAqpUtk0nRvzv65g06X2Ztkcj5eKGKhzJ2b7bSvKoRfLO1rX8dBX60XEzwHicP%2F743j2kdjR47T%2BCrsPeuRtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887878a7d9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 1CA3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=auwgldnwcs&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1PqWKf05poPfRQlkvgUFJc8uBR0iMtTM3tCvX68pXP%2BwnDNY%2FtUCVOvXSU1rGWCyPJITz%2FhlaxyxJGX2b9DJ33hry83%2FESQA4uPudKPoRZVAdUWsYeeJV1N%2FZqWBFFkwevUx79pNnomLwM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887879ab89022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame D2ED 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ywmfdyn&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AeBfCgg9hMZ2aN3LlgRZneVz2KgcqFvoXYuETrPoKgJDQjPAD27C99oDnMovhR5evt483VdliaJECHfp8RCv8mpax5edSyLyXutKe3gohO8oAihJPvVYL5GyhfrhnxU400Qt1fa%2Fn3LkcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88787bafb9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame D911 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dodgrpmnji&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTiN3%2BOkriEVipLfVj9cnPY45YwyZ2XWiABRfwb8xE7zhuQhqVnvUotwDtYjJjLNBAA58Jd7M7xIe6Rl1kuf%2FZWyQHKhJmW%2FHl5px3%2BipfifL6p2Yu84qG73wgiserhDURN6GCyO26uKh9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88787bb169022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 46F5 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bqyzrqb&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pJLPYq06YRYlhCnGkkdzi%2FafRjNmuFYvSNLlg2eD7yGQbztDZSeGiX2cnw0mDvz%2FA9izrbE1Io46VAbDSxEhruEZrs2JKuuOx2xvuppJr0qIMYY3kOPJwjYWgEoR0SKc6eSrjuMVEvkMQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88787cb3a9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 1715 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tluzouto&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzQcdnHFoPGDswruE%2F%2BRdjFqg%2B0FjtaxGnoHyP7hmpiuXxL4imOskrrtAsF1IF%2FQrq2T5D6Ot1%2BxD4V8vLNO18Le%2B2yODce6YdT6qLONAw%2F0tgTdwNTpL7dcDgNZaMbKyx%2B1OIIG9wWgS6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88787db509022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A4F6 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=amszaskej&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iI4zDCse0xpoQYla%2FA7bYM3rpXwwgu%2FiVGQtblh6o2yTEno%2FMh75gcTvt5FARPvTYe%2BIQTrA2vlpwNdLH9pkRUsBDYTMDiz%2BC%2Brj6NkAez7RLeeAIGrLsiTDDj1UgoXiPDSAVTMnu2ZwTKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88787eb6d9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 514D 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fatbtylgv&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KM%2FW5HEFU39FIkvnw3FwzwHdSxWXLppx55g5LeLyibfF5aWGlT3hRbjYARkLN%2BO0AW1B8DzjyAuv3UM4P8xJ3QuD3teRf1RH2aivICwNaOU2EwtNnwFyU4N%2BKvRfIksC4djg0m48QN6IU%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e88787fb9b9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame A6B6 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=yvopv&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5Td3UunKSr090kpWKQ0jM1oNNN%2BJot%2BDWood7dDf1iZ76JbtJ%2B8%2FhaawjVPiiNV7YVv4PBVUlSA0e81bvckDeqE8ocM0x4EGFr%2FbRZAvklttMpbhpps9rjFECboWL5P1O%2FlOrtSdXdGOEk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887880bcf9022-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 964E 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gfmenxv&e=1828802515028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9W4RBN9C2DKNZT9Z
age
3239
x-amz-id-2
wART4xpkP1PcF8cuX2K0wR3mtZihq3CLRYHQG7FEaxQO3JbLogEe9IYKP7nfOXYVNrabgTAvSLM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NboEwWbak4qK%2BscFX2XjaIj6d%2BaN7hjl6qr%2FuxKMSu8WwaOTTAJY5yT2JkMmplnW4WVXsEOSN%2FPiWHLahgDwuQFUFB2IXqZNnSB8IpV51eq72GglHXtvxxHLzxqwb9Xz4qieS%2BAEp40BkgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e887881be89022-FRA
B24035859.271673552;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=5127083361354022725;crid=273202276;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 8045 		65 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24035859.271673552;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=5127083361354022725;crid=273202276;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3210668679;ord=wczkoj;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FNZ2dDI6Shz9rruNPfpGBPwAAAIA9Cu8_a67jT36RgT80nZ0MjpKHP0V_UhcnDydHjRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAABkvEgQnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoA5yI1AAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521eRZTYwjV4JUXEOT4ooIBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NTY4NUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjU2ODU%3D%2Fbn%3D75884%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1004;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
a5c99d00326c44f5282df532d777645911e42fe26b9ba74b15a446315a291697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28137
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame BAC3 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:20 GMT
setuid
prebid.bidstreamserver.com/ Frame A742
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
0
pragma
no-cache
server
nginx
vary
Accept-Encoding Origin
x-frame-options
DENY

Redirect headers

cache-control
no-store
content-length
0
location
https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
setuid
prebid.bidstreamserver.com/ Frame B945
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=dd11488c-7a2a-49a0-9cad-3c3ecd06ae98&gdpr=&gdpr_consent=&us_privacy=
86 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=dd11488c-7a2a-49a0-9cad-3c3ecd06ae98&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx
vary
Origin
x-frame-options
DENY
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-length
86
expires
0

Redirect headers

location
https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=dd11488c-7a2a-49a0-9cad-3c3ecd06ae98&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
000002447532.gif
imagesrv.adition.com/banners/273/files/00/25/58/ac/ Frame C000 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/273/files/00/25/58/ac/000002447532.gif
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9P9T9pXhZens-jRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoA9CIGCgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ARfS2wjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NTc3OUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjU3Nzk=/bn=93374/clickenc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e3d228f21c1416847a787052cadbac5df6182bb7b5fb185d4edbf9dc225e5ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:20 GMT
last-modified
Tue, 04 Oct 2022 07:30:36 GMT
accept-ranges
bytes
etag
"2700043250"
content-length
2096780
content-type
image/gif
v1
prg.smartadserver.com/prebid/ Frame 2670 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 2670 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 2670 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8226d34df690543496498dd05b2e166bfa2be49c8644cc651364f0d578137ddc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
f0541e1d-85a9-4e8e-ac03-4ef3007aaa62
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2670 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:20 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
shb.richaudience.com/hb/ Frame 2670 		4 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 2670 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 2670 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=522837150&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2670 		418 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.domain=forward.com&tg_i.pbadslot=%2F21671350435%2C22712312433%2F300x250-forward.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6effe1a8-6265-4dcc-a500-e86beac71d33&l_pb_bid_id=16455823b9806f4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5464494640484043
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fc7739fbb0e53c62017cf199604c9e8e77a0892aa9c47a33fb71e00141ae323f

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
418
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 2670 		37 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2217113636940d1da%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F21671350435%2C22712312433%2F300x250-forward.com%22%2C%22adunitcode%22%3A%22%2F21671350435%2C22712312433%2F300x250-forward.com%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218d232470cb8f02%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%226effe1a8-6265-4dcc-a500-e86beac71d33%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22d3c9a28a-7a6c-446d-aef2-19b041d65fd8%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82c1a7898d05fe7bd7bf73bed1ae473708e5ba6d91a74df4ce6dad4696dcd69

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCPuQuN8etp7T3Wy1TAowfM3kHsr3KqhDPtKRkLrT5DAXSDd9uLYnLdmHIkwxmVN3xcBI5sQwmS0tcebSuQBzwES8%2FdbGEDtdyvaYjJ8N7dy%2FdMauqD37Ie6j0Ub9X1%2BLH8WJNi3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887889b2b696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6276 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
289727
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0A50 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da41ce6cf283477cc9075a9be6503feba0a07716620a8044173cd6644e85bc17
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bdiRmeP8ByRg1jsJnu4cow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-bdiRmeP8ByRg1jsJnu4cow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
Sat, 24 Dec 2022 10:07:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
B24050075.272021061;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=2665707921651158563;crid=277208876;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 3516 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24050075.272021061;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=2665707921651158563;crid=277208876;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=1796769762;ord=194xxb;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FBdhHp658hj9vXRrQZcKAPwAAAIA9Cu8_b10a0GXCgD8G2EenrnyGPyNO9jA7f_4kjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAs34UQnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAaiRLbAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521SRaYUgjgxv0SEKy-l4QBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NjYzMECIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjY2MzA%3D%2Fbn%3D99396%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1007;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
5acf1b535816d81ea58c193e91e0eea2e08adbdaf83b76ac59530f027aec20c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28202
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B22045245.235138843;dc_ver=92.271;sz=728x90;u_sd=1;aucid=2378070731381729339;crid=240637446;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOUR...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 2F0C 		57 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B22045245.235138843;dc_ver=92.271;sz=728x90;u_sd=1;aucid=2378070731381729339;crid=240637446;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504469854;ord=qvptfr;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FMUJ4tHHEij8gkyrgDvODPwAAAIA9Cu8_IJMq4A7zgz8xQni0ccSKPzvowgq7mgAhjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAG1lcOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAiiM4JgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521DhYmNAjn4pUXEIas33IYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2Mzk1QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjYzOTU%3D%2Fbn%3D98890%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1014;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
299b443627f9b0bbfbfac48a51a6f78d13306626f80367be1880de1007ef77ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27411
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B24120111.272942961;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;aucid=2515534623547100295;crid=240664030;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame BE2C 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24120111.272942961;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;aucid=2515534623547100295;crid=240664030;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=1597316667;ord=4gx07e;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F0ytlGeJYhz_aJEHjgmaBPwAAAIA9Cu8_2iRB44JmgT_TK2UZ4liHP4eMuIhp-egijRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADePVgOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAdiXlzQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521cRbLWQi3ktUVEN774HIYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2NjE3QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjY2MTc%3D%2Fbn%3D99354%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1017;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
bb737a9d64a659472f0cd0d7723c5dadb4429da71676770ab58d6f72cb8e7a42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28063
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame D573 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
async_usersync
ib.adnxs.com/ Frame C20A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
018332ac-07e3-4a26-a996-25442263ed8d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 75DB 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
b80d9b66-af7a-48db-a800-bedb342d65d6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 4B98 		171 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forward.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 4B98 		36 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22313b1e2f736179%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F21671350435%2C22712312433%2F728x90-forward.com%22%2C%22adunitcode%22%3A%22%2F21671350435%2C22712312433%2F728x90-forward.com%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224f2afc34d80baf%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22e35f306f-34a9-4ad9-84db-1ac1bcb7a6ad%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2288468c6a-c1cb-4ca0-a742-e57139c26196%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b8e800f0c2b8d79bac42f083ce47db5b7bcf99c3736f5c2b9112d3da298edb

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTxOmrtvomPSZMhey6vDEi%2BxEp2urkS8H8%2BI%2F65mP%2BKUlxo9nQE2sQ86V2gitvczLAb2b8QWIByVzNR26XzHROWaxw18jMV7Rj7NsifvcEi4gPizLxFcUkPhofx%2B%2FJ3mksYMX7%2BH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88789acfc696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame 4B98 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 4B98 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:20 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4B98 		416 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&tg_i.domain=forward.com&tg_i.pbadslot=%2F21671350435%2C22712312433%2F728x90-forward.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e35f306f-34a9-4ad9-84db-1ac1bcb7a6ad&l_pb_bid_id=102e0ea3741155&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3333567068249763
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ddabbfc521986e2bd978239ce97f7a04d5c1989c8486fec033810f92fc5280f

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forward.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
shb.richaudience.com/hb/ Frame 4B98 		4 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:13 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 4B98 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=94468591618&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://forward.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 4B98 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9f0a28c36e4306b4dd5139cbd6db4c73d88c806f90e1d627ace099e2e50e2196
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
6d29763e-699a-4225-b1e5-50f7b9ff49fc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CF04 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
7a7e2a9d-9b04-4847-8dcb-fa567b8070a9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 64CC 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
current
prebid-match.dotomi.com/match/bounce/ Frame 2E2E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EF10 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:20 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame A4FA 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
1a
i.clean.gg/ Frame 8529 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://flashnetic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 24 Dec 2022 10:07:20 GMT
server
nginx/1.21.6
via
1.1 google
banner
ad4.adfarm1.adition.com/ Frame 8A4B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9Pydo9CJYdeZ1jRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoARyKSywAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-xYq2gjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYyOECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2Mjg=/bn=74492/clickenc=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rrurktyjt&e=1971603729092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
4ba6ace93c87796e8a62f42858f9b2e5cb2fd3a531ed8f8d1f20886fe84974d8

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 11:07:20 +0100
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
server
ADITIONSERVER v1.0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5B39 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rrurktyjt&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53028
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270946
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876441.782500,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 8529 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLIDfBMyAYAAAMA1gAFAQjWnpudBhCn0NGXgqud83UYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBePzFBIABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFsMy01WUFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeU9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYa001Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS14WXEyZzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfBARHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEQoGQURWX0lEEgc0NTA2MTg48gISCgZDUEcBFAQIMW2jARUIBUNQARQACXWiPPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQABUJIFhDT0RFEglMQU1CT18xMzbyAgwKCENQRwkYHADyAgsKB0NQFQ4QEAoFSU8BaggHNzaFNQUhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHBUKCFNQTElUAU0Z4vCGgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjY2MjjaBAIIAeAEAfAEpaIgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAf8xQTSBw0VZAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=e930f01f291087a10ae1570ddfa2129c7ef9f9d5&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Drrurktyjt%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Drrurktyjt%26e%3D1971603729092&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
8386b068-3e9c-4696-a847-a5fbc0eea5e0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E943 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
a3ffa473-6c31-4bc0-b151-d1227eea7a0e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame 64B6 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=465
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876440.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame 90BF 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?737021620
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
684d61333478655cde84db8b07a6948a25b3b1c0d536db669f90dff4deb5d9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 90BF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
x-amz-request-id
0VY8CGD94C72PBTP
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
4wsNWimWkb73//WXRppN1yg6VznZhqOc2LOoKVAK+Qlwcb5bZTSGVOYHNYfsq59yskHmT0XzB8w=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop107.fr8.t,1671876439.cds251.fr8.shn,1671876439.dop107.fr8.t,1671876440.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21568
Accept-Ranges
bytes
B27471378.331615144;dc_pre=CPCI-IqBkvwCFdCw3godEbIHMA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame 90BF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CPCI-IqBkvwCFdCw3godEbIHMA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CPCI-IqBkvwCFdCw3godEbIHMA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&501411426
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CPCI-IqBkvwCFdCw3godEbIHMA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&501411426
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 84A8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53028
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271630
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876441.806384,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 90BF 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLSDfBM0gYAAAMA1gAFAQjVnpudBhDq8rnR6bepgVsYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeN_wBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha25pTWhnaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE14T09BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjWXBtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaWhXUUpBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQEVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLwQ3cuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHMTY5NDM2OPICEgoGQ1BHX0lEEggxbYss8gISCgVDUF9JRBIJdYoQ8gINCggBPhRGUkVREgEJEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYSAHNTI0OTAyMPIBIQRJTxUhOBsKD0NVU1RPTV9NT0RFTAErNAg2OTYyNzUxM_ICGgoWMh4AHExFQUZfTkFNBXkIKAoaNh0ACEFTVAFGaElGSUVEEgoxNjcxODAyMTE58gIVCghTUExJVAFfLusA8J8ZCgdTZWdtZW50Eg5BWUdPWF9QUl9JTkZSQYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjUzMTjaBAIIAeAEAfAEpa0giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9_wBdIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=21739f1af6adeeea5947b43fdeebf35945cadd44&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Defljs%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Defljs%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
2ba94847-f173-41ee-a1dc-de028fd3c690
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame EC34 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=465
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876440.dop144.fr8.t,1671876440.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame A931 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?14052602
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3a0b55d958cac444e54649fa5484824022d355e3212ef72d0cfcda3dcf1fb0d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame A931 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
x-amz-request-id
0VY8CGD94C72PBTP
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
4wsNWimWkb73//WXRppN1yg6VznZhqOc2LOoKVAK+Qlwcb5bZTSGVOYHNYfsq59yskHmT0XzB8w=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876439.dop133.fr8.t,1671876440.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21568
Accept-Ranges
bytes
B27471378.331615144;dc_pre=CJaJ-IqBkvwCFUFW4AodT3MKhw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame A931
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CJaJ-IqBkvwCFUFW4AodT3MKhw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CJaJ-IqBkvwCFUFW4AodT3MKhw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&522186882
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CJaJ-IqBkvwCFUFW4AodT3MKhw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&522186882
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 24CB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53029
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275540
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876441.818082,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame A931 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLSDfBM0gYAAAMA1gAFAQjVnpudBhCSr8ryp4fK11oYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNXXBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha0hnZWhRaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE14Ti1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjVXBtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaVJWS0pBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLwQ3cuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHMTY5NDM2OPICEgoGQ1BHX0lEEggxbYss8gISCgVDUF9JRBIJdYoQ8gINCggBPhRGUkVREgEJEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYSAHNTI0OTAyMPIBIQRJTxUhOBsKD0NVU1RPTV9NT0RFTAErNAg2OTYyNzUxM_ICGgoWMh4AHExFQUZfTkFNBXkIKAoaNh0ACEFTVAFGaElGSUVEEgoxNjcxODAyMTE58gIVCghTUExJVAFfLusA8J8ZCgdTZWdtZW50Eg5BWUdPWF9QUl9JTkZSQYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjUzMTfaBAIIAeAEAfAEpa0giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9XXBdIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=e56f74c3c430d193d970ea12feea65a9f77ba6c8&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dicavjgt%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dicavjgt%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
f5b7f3d6-bc92-444e-97af-da31763815af
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame E2E0 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=465
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876440.dop139.fr8.t,1671876440.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame 9393 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?552641338
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2363bf8b6c3d8965dcd61064623e41afcfa3c95137db8bb611c2e796cda95ecc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 9393 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
x-amz-request-id
0VYE1R4B5BFAPA6M
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
j5KwgsYGbP/r3C8dM97qc+3TabospPpV6qv0lM7drK8sHr8ilGKec0TvlW0suf8hIhcWl4UsqQo=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876440.dop004.fr8.t,1671876440.cds260.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21452
Accept-Ranges
bytes
B27471378.331615144;dc_pre=COqK-IqBkvwCFUZo4Aod7csIfQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame 9393
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=COqK-IqBkvwCFUZo4Aod7csIfQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=COqK-IqBkvwCFUZo4Aod7csIfQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&271069520
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=COqK-IqBkvwCFUZo4Aod7csIfQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&271069520
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 091D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53028
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270948
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876441.830619,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 9393 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLSDfBM0gYAAAMA1gAFAQjVnpudBhCR--Cnvf3Eg24Yja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeIzZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhZlhpTmVBaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE13TS1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJiY3BtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaEJYcklnOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLwQ3cuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHMTY5NDM2OPICEgoGQ1BHX0lEEggxbYss8gISCgVDUF9JRBIJdYoQ8gINCggBPhRGUkVREgEJEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYSAHNTI0OTAyMPIBIQRJTxUhOBsKD0NVU1RPTV9NT0RFTAErNAg2OTYyNzUxM_ICGgoWMh4AHExFQUZfTkFNBXkIKAoaNh0ACEFTVAFGaElGSUVEEgoxNjcxODAyMTE58gIVCghTUExJVAFfLusA8J8ZCgdTZWdtZW50Eg5BWUdPWF9QUl9JTkZSQYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjUzMDPaBAIIAeAEAfAEpa0giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4zZBdIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=cba606b6bade1e5f22867021ea6fd6c61a158561&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dybwpafwce%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dybwpafwce%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
cb6c9842-6bb6-4e9d-bb12-040607769255
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame C39E 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=465
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop107.fr8.t,1671876439.cds251.fr8.shn,1671876440.dop107.fr8.t,1671876440.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame 9936 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?816239869
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
89b53f0290bafcc0768d5ef76827750fcfa29c0f236f4dc6ede525ad4a08febf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 9936 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
x-amz-request-id
0VYE1R4B5BFAPA6M
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
j5KwgsYGbP/r3C8dM97qc+3TabospPpV6qv0lM7drK8sHr8ilGKec0TvlW0suf8hIhcWl4UsqQo=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876440.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21656
Accept-Ranges
bytes
B27471378.331615144;dc_pre=CPuQ-IqBkvwCFY6SdwodtxQCdQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame 9936
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CPuQ-IqBkvwCFY6SdwodtxQCdQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CPuQ-IqBkvwCFY6SdwodtxQCdQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&389088807
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CPuQ-IqBkvwCFY6SdwodtxQCdQ;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&389088807
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame E366 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53028
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271631
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876441.850603,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 9936 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLSDfBM0gYAAAMA1gAFAQjVnpudBhDN1dCf6oadpkoYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeMDZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhYm5oc2N3aXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVGMzT2VBRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBPEM0QmdvLpoCmQEhbFJXZ0o-dQIsSjdOZnlBQUtBQXhQFW0EODYyWQFAVUNJTUVsSU14Wk5aeWZ1UDE9LARGawVnBQEARx0YAEcdGABIHRgMSGdBaS6JAvBDdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtiyzyAhIKBUNQX0lEEgl1ihDyAg0KCAE-FEZSRVESAQkQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhIAc1MjQ5MDIw8gEhBElPFSE4GwoPQ1VTVE9NX01PREVMASs0CDY5NjI3NTEz8gIaChYyHgAcTEVBRl9OQU0FeQgoCho2HQAIQVNUAUZoSUZJRUQSCjE2NzE4MDIxMTnyAhUKCFNQTElUAV8u6wDwnxkKB1NlZ21lbnQSDkFZR09YX1BSX0lORlJBgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA43MzM3I0ZSQTE6NTc3OdoEAggB4AQB8ASlrSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwNkF0gcNFWMBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=ee21aa8760c9f7c963c15624db66a5ffd254798d&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhxphinku%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhxphinku%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
cd014523-a32b-4372-a51c-860aa056e143
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame ED46 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=465
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876440.dop133.fr8.t,1671876440.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame 96B2 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?540482748
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
88b709ff439278e01a2fd5d1168679c8bc0851f1cf5feaf373bc3a2ee478d0c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 96B2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
x-amz-request-id
0VYE1R4B5BFAPA6M
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
j5KwgsYGbP/r3C8dM97qc+3TabospPpV6qv0lM7drK8sHr8ilGKec0TvlW0suf8hIhcWl4UsqQo=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876440.dop144.fr8.t,1671876440.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21656
Accept-Ranges
bytes
B27471378.331615144;dc_pre=CO6N-IqBkvwCFbjHuwgdo4ICvA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame 96B2
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CO6N-IqBkvwCFbjHuwgdo4ICvA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CO6N-IqBkvwCFbjHuwgdo4ICvA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&254077950
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CO6N-IqBkvwCFbjHuwgdo4ICvA;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&254077950
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 894E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53029
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275541
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876441.863059,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 96B2 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLSDfBM0gYAAAMA1gAFAQjVnpudBhCu7LD2irbw7GAYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNOGBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhY1hnbmN3aXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOalUxTS1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJaa3ptQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhakJVbkpROnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLwQ3cuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHMTY5NDM2OPICEgoGQ1BHX0lEEggxbYss8gISCgVDUF9JRBIJdYoQ8gINCggBPhRGUkVREgEJEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYSAHNTI0OTAyMPIBIQRJTxUhOBsKD0NVU1RPTV9NT0RFTAErNAg2OTYyNzUxM_ICGgoWMh4AHExFQUZfTkFNBXkIKAoaNh0ACEFTVAFGaElGSUVEEgoxNjcxODAyMTE58gIVCghTUExJVAFfLusA8J8ZCgdTZWdtZW50Eg5BWUdPWF9QUl9JTkZSQYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjY1NTPaBAIIAeAEAfAEpa0giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9OGBtIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=f25b68baf72fdd51f72d60afc044dc171f3c8fca&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dajdxfouger%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dajdxfouger%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
9cffb7a4-b4a6-4ac0-848c-ffbe519605a0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://forward.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
329991
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 2E2E 		49 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QJmSBAA1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/ Frame 2E2E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=LAUsJnxiSE9ROSt5SHNLdVBUSmFwdHptTUhDZStqYkpZTklBQVhnaENuZmNXbkR0eGp5QVF0OHp0c3M5SnZFaGtWZUVoV1lReStEZ1NJNFZuSHU3bHcvNzQ2WEJySEpwNjBBdTIzMVNUdjZ4cXV0UnNYczBocHIxbDRObF...
359 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LAUsJnxiSE9ROSt5SHNLdVBUSmFwdHptTUhDZStqYkpZTklBQVhnaENuZmNXbkR0eGp5QVF0OHp0c3M5SnZFaGtWZUVoV1lReStEZ1NJNFZuSHU3bHcvNzQ2WEJySEpwNjBBdTIzMVNUdjZ4cXV0UnNYczBocHIxbDRObFl1YTlJaGtwSVA2YkRCVXp0eXk2R2ZSZWl4VmxYN21HRWdNeExCMVU1RUtyazdZM2dEb2wzaDVHSlZXOE1LOWRQMURBZlB2akZ3YUtBSHE1MXdGb0lubFhsenBBelJwdGMwb0RQU0FzMGtaL3pvOFA3bkJNPXw&cppv=2
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
668b943eeb0437afd6a518e8728e9c8949448f73f02f04a0b93bf08053b5294a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1118137
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=LAUsJnxiSE9ROSt5SHNLdVBUSmFwdHptTUhDZStqYkpZTklBQVhnaENuZmNXbkR0eGp5QVF0OHp0c3M5SnZFaGtWZUVoV1lReStEZ1NJNFZuSHU3bHcvNzQ2WEJySEpwNjBBdTIzMVNUdjZ4cXV0UnNYczBocHIxbDRObFl1YTlJaGtwSVA2YkRCVXp0eXk2R2ZSZWl4VmxYN21HRWdNeExCMVU1RUtyazdZM2dEb2wzaDVHSlZXOE1LOWRQMURBZlB2akZ3YUtBSHE1MXdGb0lubFhsenBBelJwdGMwb0RQU0FzMGtaL3pvOFA3bkJNPXw&cppv=2
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
626736
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/ Frame 2E2E 		0
0
id
id.crwdcntrl.net/ Frame 2E2E 		43 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=15969
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://forward.com
cache-control
no-cache
x-server
10.45.15.131
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 2E2E 		63 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ae4f9786606dd99b88bedfb8432b47789670032cf7cf67793b02031e98fdbf27

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forward.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:20 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame 1A6B 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop004.fr8.shc,1671876440.dop004.fr8.t,1671876440.cds260.fr8.pr
x-amz-id-2
WUZjTzAREF0kxQdZlv3c4+c7PkpkmYHwi/MHx6sAhje7zntkVO4lS5s8CiIL3rzloi5Qr/s4Pso=
x-amz-request-id
B3Y5FGBVXSXJD2CE
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame 3A7C 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?782325539
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2b1a5b5efd9402b363c69469ef5923b9a5f05dc8815abf78af4a21f66668cb72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 3A7C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
x-amz-request-id
0VYE1R4B5BFAPA6M
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
j5KwgsYGbP/r3C8dM97qc+3TabospPpV6qv0lM7drK8sHr8ilGKec0TvlW0suf8hIhcWl4UsqQo=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876440.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21656
Accept-Ranges
bytes
B27471378.331615144;dc_pre=CL-m-IqBkvwCFcDiuwgdasgFCg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame 3A7C
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CL-m-IqBkvwCFcDiuwgdasgFCg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CL-m-IqBkvwCFcDiuwgdasgFCg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&662363010
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CL-m-IqBkvwCFcDiuwgdasgFCg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&662363010
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 3A7C 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930248&advId=1694368&campId=5249020&pubId=10264&chanId=1654713&placementId=7337&planId=17801719&adsafe_par&impId=5074709440084529340
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5d27e38b900bfd79bcafbca25f4d8073457f572349f1450b178866e0b71d9dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 981A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53028
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270949
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876441.885268,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 3A7C 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLSDfBM0gYAAAMA1gAFAQjVnpudBhC8ob3UlKu_tkYYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeKXZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha1hqMmhRaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVFEwTk9BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjUXFtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaWhXVkpBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQEVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLwQ3cuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHMTY5NDM2OPICEgoGQ1BHX0lEEggxbYss8gISCgVDUF9JRBIJdYoQ8gINCggBPhRGUkVREgEJEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYSAHNTI0OTAyMPIBIQRJTxUhOBsKD0NVU1RPTV9NT0RFTAErNAg2OTYyNzUxM_ICGgoWMh4AHExFQUZfTkFNBXkIKAoaNh0ACEFTVAFGaElGSUVEEgoxNjcxODAyMTE58gIVCghTUExJVAFfLusA8J8ZCgdTZWdtZW50Eg5BWUdPWF9QUl9JTkZSQYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjU0NDTaBAIIAeAEAfAEpa0giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6XZBdIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=9570afc5c62d111e4b14f0401771d1d957627ea9&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsqwwysn%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsqwwysn%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
3de91748-87f7-4dac-aca8-1a301a63a219
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 3CF9 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 3CF9 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=4785499947907653564&cr=292929924&seg=&st=0&bp=0.01204&pp=0.01204&aaid=&idfa=&ord=1352751999
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 3CF9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1352751999&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
HZvl9bmwmgdJzKv7_z5u9kmdG-HtQmBE_DgFrnHL6GhV5THsMhOWeg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 3CF9 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575128
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220027-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876441.893323,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1439429
it
fra1-ib.adnxs.com/ Frame 3CF9 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKsCvBMLAUAAAMA1gAFAQjXnpudBhC8v76dkdvgtEIYja-4qpOZ7ppWKjYJYmLzcW2oiD8RZv-sz5Zggj8ZAAAAgD0K7z8hZv-sz5Zggj8pY2IJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCEg9eLAViezX9gAGix8pcBeKDZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDI5Mzk3MDcsIDApO3VmKCdpJywgMzgxMTA3NhUULGcnLCAxMTcxNjk2NxUVFHInLCAyOQECCDkyNAUW8IuSAqUEIVNXdERRQWpNc01RVEVJU0QxNHNCR0FBZ25zMV9NQUE0QUVBQVNPb19VSmVIaFF4WUFHQzlCbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCNkwta3ltYW1pRF9CQWVpX3BNcG1wb2dfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBWVRPNkFIMUFjM016RDJZQWdDZ0FnRzFBZwEjBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsR1VrRXhPalUwTkRuZ0E0Z3dnQVRxZ2NBRGlBVHRvTzBEa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJja3FxUVZJTXhaTlp5ZnVQN0VGGSAYREJCWnFabQECFGJrX3lRVQE0GEFfOC0tUDkyKAAEWkIRZ8BQQV80QVcwQ2ZBRjU1TExCZmdGdTdhekFZSUdBMVZUUklnR0FKQUdBWmdHQUtFR21wBV4wWnVULW9CZ1N5QmlRShmABEFSHQwAWh0MAGgZDEBDNEJnby6aApkBITBoV0pJQTopAihKN05meUFBS0FBeBltUDg2Q1VaU1FURTZOVFEwT1VDSU1Faw1UDER3UDE9JABGERgMQUFBRxEYDERRUDIdGABIERgYQUFBSGdBaS49AvD1dy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOODE3MCNGUkExOjU0NDnaBAIIAeAEAfAEhIPXiwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWlxyz6BQQIABAAkAYAmAYAuAYAwQYABSUo8D_QBugp2gYWChAFEB0BdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHoNkF0gcNCREpASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=6a0591af431a3af8d39a67797cf482b34bdd8a6d
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
9b7faa9e-6e1f-4a19-97af-9f75f0e49cee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame 0E9D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Domaxbbue%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=104085.63713330677
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app19.frk11 /
Resource Hash
d33e4234716189e1e98505ff1746c10114be3490b1e91c26e646d4fa6b392817
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app19.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
721
Expires
Sat, 24 Dec 2022 10:07:20 GMT
v2
odr.mookie1.com/t/ Frame 0E9D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
H3
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame 0E9D 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575127
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220054-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876441.897667,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1295419
it
fra1-ib.adnxs.com/ Frame 0E9D 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLFC_BMxQUAAAMA1gAFAQjXnpudBhD83IPY57vMyhoYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeMbbBIABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhbW9mQ3NRaTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQmdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8xTnpnMzRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGbXkyWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDh1QVlLmgKZASE4eFZXVGc6rQLYSjdOZnlBQUtBQXhQUXJYbzNBOThqODZDVVpTUVRFNk5UYzROMENJTUVsSU14Wk5aeWZ1UDFFQQ10DEFBRmsVCwRBRx0YAEcdGABIHRgQSGdBaVEREPCqRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjU3ODfaBAIIAeAEAfAEhaAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8bbBNIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=c4045ea5de8bd6d8f944f77bf2a24a13a58ac0ba
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
d5741169-8a34-4073-84d0-f974bf56b61a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame CE34 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://flashnetic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 24 Dec 2022 10:07:20 GMT
server
nginx/1.21.6
via
1.1 google
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame F2A8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Drnekscbjcg%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=248886.98557302312
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app15.frk11 /
Resource Hash
e9c32c03a580096ba5d22cf513262e2113fd92ecc9de9c2e13e6e29df65a5ab0
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app15.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
723
Expires
Sat, 24 Dec 2022 10:07:20 GMT
v2
odr.mookie1.com/t/ Frame F2A8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
H3
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame F2A8 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575127
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876441.911489,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166490
it
fra1-ib.adnxs.com/ Frame F2A8 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLFC_BMxQUAAAMA1gAFAQjXnpudBhDb_pSnjaDHsmEYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeOWEBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhZ0ljam53aTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQWdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8yTkRBMzRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGaHpLWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDR1QVlLmgKZASE2UldQUz6tAthKN05meUFBS0FBeFBRclhvM0E5OGo4NkNVWlNRVEU2TmpRd04wQ0lNRWxJTXhaTlp5ZnVQMUVBDXQMQUFGaxULBEFHHRgARx0YAEgdGAxIZ0FpLsEC8PV3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA43MzM3I0ZSQTE6NjQwN9oEAggB4AQB8ASgxcedAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYUB-gUECAAQAJAGAJgGALgGAMEGAAABJSjwP9AGtCXaBhYKEAEPLgEAdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH5YQG0gcNCREqASYM2gcGCAUJaOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=a8321e031565fd390e6c8368f7d8fb77aee291c8
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
307c9ffe-950c-44f2-bb4a-ab7d2bdcacdb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame 9A07 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=465
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876440.dop139.fr8.t,1671876440.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame B5EE 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?34678416
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
46192973ae0ca98653d1134c46d0a1ce54f4fc6f3571ca53812d0dff21dd2da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame B5EE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
x-amz-request-id
0VYE1R4B5BFAPA6M
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
j5KwgsYGbP/r3C8dM97qc+3TabospPpV6qv0lM7drK8sHr8ilGKec0TvlW0suf8hIhcWl4UsqQo=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876440.dop004.fr8.t,1671876440.cds260.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21452
Accept-Ranges
bytes
B27471378.331615144;dc_pre=CNKI_IqBkvwCFaNN5QodeqQBiw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame B5EE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CNKI_IqBkvwCFaNN5QodeqQBiw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CNKI_IqBkvwCFaNN5QodeqQBiw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&648556498
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CNKI_IqBkvwCFaNN5QodeqQBiw;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876439;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&648556498
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame B5EE 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930248&advId=1694368&campId=5249020&pubId=10264&chanId=1654713&placementId=7337&planId=17801719&adsafe_par&impId=5752709546234191296
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
892fe29e89914975736e98c2cdb36ee0626687e5473d7f12b9a56811506cf4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame AFC9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53029
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270950
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876441.945891,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame B5EE 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLSDfBM0gYAAAMA1gAFAQjVnpudBhDAu6a6ptvu6k8Yja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeL2IBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhd1hndXBBaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOall5T2VBRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJlVXptQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEha0JVLUpnOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQFVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLwQ3cuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHMTY5NDM2OPICEgoGQ1BHX0lEEggxbYss8gISCgVDUF9JRBIJdYoQ8gINCggBPhRGUkVREgEJEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYSAHNTI0OTAyMPIBIQRJTxUhOBsKD0NVU1RPTV9NT0RFTAErNAg2OTYyNzUxM_ICGgoWMh4AHExFQUZfTkFNBXkIKAoaNh0ACEFTVAFGaElGSUVEEgoxNjcxODAyMTE58gIVCghTUExJVAFfLusA8J8ZCgdTZWdtZW50Eg5BWUdPWF9QUl9JTkZSQYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjY2MjnaBAIIAeAEAfAEpa0giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB72IBtIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=2ac701ac7eae9e4e99bb26d188251ee71eb7d162&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgsuhtufxa%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgsuhtufxa%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
31526ea1-81ca-4b2d-bc08-a729ef808eb3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EB0F 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35482045&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
02b697d195d19393ddd33715a00c2231f64f2247027de7116c422ee26215b095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/ Frame 434A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dppqndwhs%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=534526.3713044231
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-122-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app6.frk11 /
Resource Hash
8254ccf105d34fcdfd5fbfbe1786161b4f5ff3cb3960493bdf0f389c667eb65e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app6.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
722
Expires
Sat, 24 Dec 2022 10:07:20 GMT
v2
odr.mookie1.com/t/ Frame 434A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
H3
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7180654624183416986&gdpr=0&gdpr_consent=
Date
Sat, 24 Dec 2022 10:07:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
trk.js
cdn.adnxs.com/v/s/231/ Frame 434A 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575128
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876441.969861,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166491
it
fra1-ib.adnxs.com/ Frame 434A 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLFC_BMxQUAAAMA1gAFAQjXnpudBhCe9bCA9oitvQIYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNPZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhbG9mcXJnaTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQmdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8xTnpnMTRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGbVMyWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDh1QVlLmgKZASE4UlhLVFE6rQLYSjdOZnlBQUtBQXhQUXJYbzNBOThqODZDVVpTUVRFNk5UYzROVUNJTUVsSU14Wk5aeWZ1UDFFQQ10DEFBRmsVCwRBRx0YAEcdGABIHRgQSGdBaVEREPCqRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjU3ODXaBAIIAeAEAfAEhaAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9PZBdIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=14508c0572a57b0f413ef4a583e2ced6cac22978
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
8c9b0d0e-83bb-46ea-adfa-3eeecb43fd1f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame 7DB7 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame 7DB7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4751363&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=728x90&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=7669338047087492488&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)370276156[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fk653z5Oysz_LwY9BKFSuPwAAAIA9Cu8_Kcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
56b15db3af38f413b90325496cf7a728c0eaacdacee5dab2d5089967fcbe4ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:20 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 7DB7 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:20 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575128
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220054-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876441.985520,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1295420
it
fra1-ib.adnxs.com/ Frame 7DB7 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLQCvSsAlAFAAADANYABQEI156bnQYQiPumuJ7KvbdqGI2vuKqTme6aVio2CZOud8-TsrM_EcvBj0EoVK4_GQAAAIA9Cu8_ISnM92PFtrY_KRov3SQGgb0_MQAAAEDhepQ_MJeHhQw4mFBAsAlIAlC87sewAViezX9gAGix8pcBeLDZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDk4MTE3MCwgMCk7dWYoJ2knLCA3NDE2NzMyLCAwKTt1ZignZycsIDE4NDIwOTA5LCAwKTt1ZigncycsIDI3NjIyMjM1MCwgMCk7dWYoJ3InLCAzNzAyNzYxNTYsIDApO5ICtQQhUFdqbVl3aVd6cmdaRUx6dXg3QUJHQUFnbnMxX01BQTRBRUFBU0xBSlVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFvZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JSd3lRcElqTnV6X0JBYm1IMmxwSWdiMF95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQVp6WHhBUDFBVDVzM2oyWUFnQ2dBZ0cxQWdBQUFBQzlBZ0FBQUFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk3TUxvSWhBQkdBSXRBQUNBUDZJRERnanN3dWdpRUFzWUFpMEFBSUFfdWdNSlJsSkJNVG8xTmpnMzRBT0lNSUFFbTY3bkNJZ0VuSzduQ0pBRUFKZ0VBY0VFQUFBQUFBQUFBQURKQkFBQUFBQUFBQUFBMkFRQThRUUFBQUFBQUFBQUFJZ0Z0eXlZQlk2ajI0TUJxUVZJTXhaTlp5ZnVQN0VGQUFBQUFBQUFBQURCQlEFUVBBQVBBX3lRVUFBQURBaDgyN1A5RUYNGgEUCFpCUQEICSioNEFXRld2QUZyYW5rQ1BnRnN2RTdnZ1lEUlZWU2lBWUVrQVlCbUFZQW9RWQEyCQEkS2dHQkxJR0pBawkQAQEEQkUBBgkBBEJrCQgBAQBDHRhcTGdHQ2cuLpoCmQEhUEJJY0VnaVd6cmdaVTkoSjdOZnlBQUtBQXgBPA0BZDZDVVpTUVRFNk5UWTROMENJTUVsSU14Wk5aIQUAMR1hAEYdeQBHHRgARx0YAEgdGBBIZ0FpUREQ8KpEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA4xMjAwI0ZSQTE6NTY4N9oEAggB4AQB8ASFKyCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AXKAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBvMD2gYWChAJERkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHsNkF0gcNFWMBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=3520cc4536d5d9d6f98bf59fdb0bd1e5272f38f6
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:20 GMT
AN-X-Request-Uuid
1405316a-cb03-4746-aa76-77421023e3ee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame 60A4 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=de358ce1-098f-44a3-b920-bd2e50bd31fa
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5006 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
289728
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 728C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
39b2ebc4204bef3e99b38bfe35e40dcde6cb550e0979b790cfc0acb1f757fa53
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Da03VffNDW_SQn2JN1bKGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Da03VffNDW_SQn2JN1bKGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:21 GMT
expires
Sat, 24 Dec 2022 10:07:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usersync
x.serverbid.com/ Frame 5B14 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=de358ce1-098f-44a3-b920-bd2e50bd31fa
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
dcmads.js
www.googletagservices.com/dcm/ Frame 0694 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 0694 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=4512479597910238743&cr=322267861&seg=&st=0&bp=0.01184&pp=0.01184&aaid=&idfa=&ord=2082647691
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 0694 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=2082647691&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
3MUpBlF7jcQa-dkfNayegujUDx89XOFMzZyNbeSwC4vQsoOYAD6XIw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 0694 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575128
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220027-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876441.010353,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1439431
it
fra1-ib.adnxs.com/ Frame 0694 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKsCvBMLAUAAAMA1gAFAQjXnpudBhCXzIyNlInjzz4Yja-4qpOZ7ppWKjYJVfFG5pE_iD8RG0vLlXASgj8ZAAAAgD0K7z8hG0vLlXASgj8pVvEJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlDV1dWZAViezX9gAGix8pcBeLiIBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDU2ODM3MDcsIDApO3VmKCdpJywgNjU1MTk4NRUULGcnLCAxNjM1Nzg3ORUVMHInLCAzMjIyNjc4NjEFFvCLkgKlBCF1MmFsVEFqRW5iRVlFTlhWMVprQkdBQWduczFfTUFBNEFFQUFTT29fVUplSGhReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkFzNHJGSDlBaURfQkFRTE9LeFJfUUlnX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJIemp3UDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pZMk1qWGdBNGd3Z0FTc2hLQUhpQVRGaEtBSGtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCZUV6cVFWSU14Wk5aeWZ1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFEZ25WQy1QOTIoAARaQhFnwFBBXzRBV2dDZkFGOTdQbUJfZ0YtX1BhQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMPEM0QmdvLpoCmQEhVlJZRlY-KQIoSjdOZnlBQUtBQXgZbVA4NkNVWlNRVEU2TmpZeU5VQ0lNRWsNVAxEd1AxPSQARhEYDEFBQUcRGAxEUVAyHRgASBEYGEFBQUhnQWkuPQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo2NjI12gQCCAHgBAHwBNXV1ZkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFnNQ8-gUECAAQAJAGAJgGALgGAMEGAAUlKPA_0AboKdoGFgoQBRAdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB7iIBtIHDQkRKQEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=caed8c97506db829456421655283c84bf26e384b
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
08a1d9a6-ae40-4783-a217-33073bc683b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame 77F6 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=de358ce1-098f-44a3-b920-bd2e50bd31fa
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame D2E8 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:21 GMT
usersync
x.serverbid.com/ Frame BF67 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=de358ce1-098f-44a3-b920-bd2e50bd31fa
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
usersync
x.serverbid.com/ Frame 7502 		35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=1&cspi=0&cn=22&dpui=de358ce1-098f-44a3-b920-bd2e50bd31fa
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
adv_jstag_2.js
cdn.advanseads.com/content_server/1.0/ Frame 5B10 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/content_server/1.0/adv_jstag_2.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70f7b6feaec4f65bae5e9eab6f60dbd1f08a96b90227a8559335e7be3d282a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
10
ETag
"378c88f7f21344870fc35df344e93ba3"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4214
X-Amz-Cf-Id
MLqTSB_15AU_8_VRFCG0YyjaooRYjnnJ__GWM6fABRF2XSwvh43qpA==
dbm
beacon.sojern.com/imp/ Frame 5B10 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dbm?auc=9038166945075165301&li=${CAMPAIGN_ID}&cr=266352160&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=1305348382
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 5B10 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&c=1305348382&js=pmw0&w=728&h=90&admarker=dynamic
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d5f33154b951d05508598617ae7f406cb3792750efd57817fac7376f5b88f9f9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
_xVxZGofUwoo6PySbXSBRNYEmc9Z5LIBGwar74WiM6tVVIGN5TerSA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 5B10 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 5B10 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=9038166945075165301&cr=266352160&seg=&st=0&bp=0.0017&pp=0.0017&aaid=&idfa=&ord=1305348382
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 5B10 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1305348382&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
Qv0jdgI_JiHcmfIhWLfq6dl55GApFUG0T0PMB2fkijtZsy_2ZWi49g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 5B10 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575128
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876441.029971,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166492
it
fra1-ib.adnxs.com/ Frame 5B10 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKmCvBMJgUAAAMA1gAFAQjXnpudBhD18IevtJ6Bt30Yja-4qpOZ7ppWKjYJXwfOGVHaWz8RHOTzXyfCVD8ZAAAAgD0K7z8hHOTzXyfCVD8pYAcJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCg7IB_WJ7Nf2AAaLHylwF49NgFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNTEyNjI3NCwgMCk7dWYoJ2knLCA1MjY5ODA3LBEUMGcnLCAxMzcwNjg1NywRFTByJywgMjY2MzUyMTYwBRb0FwGSAqUEIUpHTTVjd2pWbjRJWEVLRHNnSDhZQUNDZXpYOHdBRGdBUUFCSTZqOVFsNGVGREZnQVlMMEdhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhZSkpzTklkQmJQOEVCMkNTYkRTSFFXel9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQnI5TEJBdlVCQ3RjalBKZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVVpTUVRFNk5UWTNPZUFEaURDQUJJU2NuUVdJQkxib3B3V1FCQUdZQkFHNkJCb0loUVFSQUFBAZoQQTBEOFoFCQkBHGdnc2FMRHNFEa0UQTBEX0pCCRwFARQyQVFBOFER2WBBQUFJZ0ZyeXlwQlVnekZrMW5KLTRfc1FVARoJASxNRUZleFN1Ui1GNmgBTAE7HENDWnVzVV8wLigACE5rRgkx8EZBQThEX2dCYW9COEFYcHpNUUctQVdDOGJnQ2dnWURWVk5FaUFZQWtBWUJtQVlBb1FaN0ZLNUg0WHFFUDZnR0JMSUdKQWtBQRFNAEIVywxBQUJrERYIQUFDHRhETGdHQ2cuLpoClQEheFJTYXZnNikCKG5zMV9JQUFvQURGGW1Mem9KUmxKQk1UbzFOamM1UUlnd1MB3QEBDFBBX1URDAxBQUFXHQwAWREMDE5BX2ERDAxBQUFjHQwQZUFDSkEREPDQUEFf2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOODE3MCNGUkExOjU2NznaBAIIAeAEAfAEoOyAf4gFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAJDnDYBQHgBQHwBZeCLfoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AboKdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_TYBdIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=91dead384ea76356d69d130a8ef7665fc47981bb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
29f309e4-433b-40e0-9a19-e4f7ae95870b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 1E63 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 24 Dec 2022 10:07:21 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
integrator.js
adservice.google.de/adsid/ Frame FF5F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FF5F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FF5F 		533 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1984178023533098&correlator=2091060247102572&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21671350435%3A22712312433%2C728x90-forward.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=617174094&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876441048&lmt=1671876441&dlt=1671876437626&idt=2202&adxs=301&adys=2168&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=4cx50i48sa11&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ref=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&top=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=23&vis=1&psz=728x90&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=550322770.1671876434&ga_sid=1671876441&ga_hid=1244799473&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2574e2c1fb3c40c584850b4a14401bef4690c57b7f12a8e6b9c041b43c1e8a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FF5F 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7286da8413127b51ce6fd86843433944461a586cfcd5a49c39c8a44dd0998d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11325
x-xss-protection
0
container.html
3beb1f81fc485bd83fb3615e658cef3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 457B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3beb1f81fc485bd83fb3615e658cef3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:21 GMT
expires
Sun, 24 Dec 2023 10:07:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://forward.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 10:07:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
270980
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 64CC 		49 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QJmSBAA1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/ Frame 64CC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=a9SzZnxJUHVyT25UR0xtaTdnSHdSSWlqTThidU1hVVYwVEtPdGZiNkRxb0JCRWo2NDVnd204L1dGQ2R5bXlKb3RxbjRISkh4TGxzOXNKQXh6SGxlTS9wN29md2pEd0VLSW5aWlNnU0Y4NFFoakFsSVVybFNnbEdzNXlKc1...
359 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=a9SzZnxJUHVyT25UR0xtaTdnSHdSSWlqTThidU1hVVYwVEtPdGZiNkRxb0JCRWo2NDVnd204L1dGQ2R5bXlKb3RxbjRISkh4TGxzOXNKQXh6SGxlTS9wN29md2pEd0VLSW5aWlNnU0Y4NFFoakFsSVVybFNnbEdzNXlKc1RXNHNLRzZQczljTWRkUVh2aFJnVWs2czlMRitOS0tJQ3VlSE5lOU1nbWhCNUZVSzdlQkFDNkUxZ3pUTitvRWVBbUMwaTlGWmhhc1doUUY5dU0zMmlSaFd0c0JJdGdheGxEeWd5aWVBaUZTUldrZGx5RUF3PXw&cppv=2
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b9aefde1e069e09fe896e19cba9934cde9560f45cb70b76a028d17a76a346182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1232076
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=a9SzZnxJUHVyT25UR0xtaTdnSHdSSWlqTThidU1hVVYwVEtPdGZiNkRxb0JCRWo2NDVnd204L1dGQ2R5bXlKb3RxbjRISkh4TGxzOXNKQXh6SGxlTS9wN29md2pEd0VLSW5aWlNnU0Y4NFFoakFsSVVybFNnbEdzNXlKc1RXNHNLRzZQczljTWRkUVh2aFJnVWs2czlMRitOS0tJQ3VlSE5lOU1nbWhCNUZVSzdlQkFDNkUxZ3pUTitvRWVBbUMwaTlGWmhhc1doUUY5dU0zMmlSaFd0c0JJdGdheGxEeWd5aWVBaUZTUldrZGx5RUF3PXw&cppv=2
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
301226
content-length
0
expires
0
id
id.crwdcntrl.net/ Frame 64CC 		43 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=15969
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://forward.com
cache-control
no-cache
x-server
10.45.2.147
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 64CC 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
67d59e59ab78914bef31e6a4edd0153a62a5f8be5d635783b43e0640f5473388

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forward.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:21 GMT
v1
prg.smartadserver.com/prebid/ Frame EE01 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame EE01 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c9077aea27b6ad2a3a89b7f16117d9e661b3529c3ce43b6bdad3593acb76cbcf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
d5e491ca-c2f3-4deb-a4a0-343967be33b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame EE01 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame EE01 		36 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22769d7e0c19e8fa%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439208%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439208%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22845116dc10e3e5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22f2c06001-160d-4dab-b1aa-3234d2f2a5b9%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22223db236-282c-4693-8d3b-df53d7ff59ae%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dde73662479b1416e1146291ace8877ed06aaf4ffcfe7465b598e7650149e37

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH%2FGJc5RT4uJ9Of4qFOrDPrDzT6QnkHzuPReUXjp5OHzB3C5fmlzjb8MPdvKcK90tf6uNe8gWpzXQv31dK3p3joGZwIU8lGEfYAdFHaRLLYF4i8guFw53CrGAgsBAI%2FB5Ut0bvF1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878ccb6a696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame EE01 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=79135750506&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE01 		333 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439208&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f2c06001-160d-4dab-b1aa-3234d2f2a5b9&l_pb_bid_id=120a8adc1a038b6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.05034234360209844
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
76817ce9ba2110ded1e5161b8cd8f9a64d2cb89f183814a0633f04374ed8ee30

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame EE01 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 4317 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 4317 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22318c83f6f59c8c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439226%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439226%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224c3ae195a3c481%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2268375a95-236e-454f-afe5-90f10462203b%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22a70aacf4-e140-4444-9384-92530c2254c6%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a85c5feb7c713bf4ca1b4a7e8313e48c45487ec9af3b89c8404d66be340b03

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYN0mvY0ct3FlEtKqbuZrxBj%2BL1ZHwkJ81NXXn2PYWHl%2BfIYpGE8E7lqRikDzNXN9Hpay1ZwE0NxbsyOIFgyInHu0Sx1PEsDRNyrdca3FmJ6y62PN4O4ggdo%2BAZdSNzHt0ZfiiE%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878cfba3696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 4317 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 4317 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4dad2604bccf468f18079ec466a8546cf4a70d986fd54b6a0b5957722dbeb4d1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c4ffe3ca-97ac-4dfd-babd-2f547ccbb7d3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 4317 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=54315568456&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 4317 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4317 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439226&tk_flint=pbjs_lite_v7.19.0&x_source.tid=68375a95-236e-454f-afe5-90f10462203b&l_pb_bid_id=144acda3ebbd2cc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5313122616018369
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
42403dfc0a139837cc5238bd1b06c1b109cf636791b426dfb56999e541a7b721

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1F1D 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439233&tk_flint=pbjs_lite_v7.19.0&x_source.tid=529d72fa-a10e-4499-a8d3-3ca5a217e1b3&l_pb_bid_id=219458211dfad6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7302693845178967
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d382505f825e70fbf900f9f655ed689e88267376dfba5f31a6d5564cbb9612a7

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1F1D 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
60eb7775f4be99cd320627f14722b4bcb9643c02d7d0b16396ec982d785c49e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
49564fa3-b3b3-4963-9a64-7a788cedbba2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 1F1D 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=55032600465&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1F1D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 1F1D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 1F1D 		37 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22114f86a1ad820e6%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439233%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439233%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221259655e0377105%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22529d72fa-a10e-4499-a8d3-3ca5a217e1b3%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2296dc1535-25b4-4a46-a1ed-d4c3cfe42a20%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b57a65bdfd15165a7d98b69552f1419f7384f9045e37dc98f10348dba600260

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZixacB3IYHNegid6%2BYEIYTC4c%2BdjeioxVHn2uCYZxN78vpfIFjrkmEPRI6WWqrrh6EqSLDJE3DNfghim0U8cpCH8ygXitsFb5SPRjS%2BObjvBr4iTRLm4XTNX7keCEDypvQEwRK0C"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878d0bd2696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ Frame 1F1D 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame D482 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2284b14c0d9b5328d8e0cedc027ed7231906b48c31c41d5f41c0aca43a9ff2f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
336f6dab-8676-4258-95f6-1cf091cdb787
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame D482 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame D482 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=78743038889&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D482 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame D482 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D482 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439243&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8d3568ca-550c-46da-a5d8-cdcb470c6567&l_pb_bid_id=12636bcff066873&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08069721139494335
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
148223d43d64709e584f71b1525c3ff789d2596f366697cae396927316bf7733

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame D482 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22138d5b6f3c08b96%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439243%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439243%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221498d558edcb1e3%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%228d3568ca-550c-46da-a5d8-cdcb470c6567%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22acd10816-ec6f-40f0-9d5d-de258e7ad361%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7151b0e7dd9b3edd814ed6d59917f07fc0f4ccffb04a6d62ec335da79b53a9d9

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXxO20fB18%2BRRwVELUoxWLSOj3%2BzO%2BeIsY4pafNcCZzGIgeYJufiO7TCS9VH3QD1Hb5JIV3GJrY7NwB%2Br1LQZJXGCiGrbjh5idpGZ7vH0xu%2BPB1ao8Y9oxdxNFNP8e81xdEU4HP3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878d1be0696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame ABE4 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame ABE4 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame ABE4 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439252&tk_flint=pbjs_lite_v7.19.0&x_source.tid=cc73da22-93b2-49f2-ba94-3824c43c6392&l_pb_bid_id=6ded304fb8b241&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.69138627688541
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
760e9467a08cf71e7b44b6625bd1b2b11f2a5ae3ac86aa9d057b4646657f6fb6

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame ABE4 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame ABE4 		36 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229db3533e972593%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439252%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439252%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210acea9519aa167%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22cc73da22-93b2-49f2-ba94-3824c43c6392%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2240d9a099-3a71-404a-91b1-4430a2e39384%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2beffffc73d2fbf1b2525a64f6bd82330b1366aaf2abed7dea8f6c3e2f421b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okJp%2F2Nag1iPzdI1y6WHIc48Pc43xdf3upMULiNyCy1K2f3VGhBILJZmgoROY53WJis8BhvnVnV3GwUQVql4xE3bn8R7M%2By6YM2NqMmh0xwnSbgLN4BYPPBNWlkIVd6CTW6Ntxa3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878d2c10696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame ABE4 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12362050985&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame ABE4 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7328b1fd71dc9901165c5e387ba733b7f7c89f910be3478397bac30c94ee82e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
40133ed1-c0bc-48fa-8d98-10131465d16e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 6DAD 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=637&fcid=951&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=11346887&millis=20221224050716&hb_request=17182134&hb_error=timeout&friendly=friendly_11346887&language=de&pvid=82898819&resolution=1600x1200&txid=91375395&frcn=0&sid=19&sver=1&tagid=ad-86335943&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
7b0e3c627a1c15597822a525bcb06c6eded1b8ecf41596370f58c5be0beb9516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame FD16 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=637&fcid=951&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=18961229&millis=20221224050716&hb_request=10257702&hb_error=timeout&friendly=friendly_18961229&language=de&pvid=82898819&resolution=1600x1200&txid=41784790&frcn=0&sid=19&sver=1&tagid=ad-9091948&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
d05a8228b0ea1a47d0a04658a79278f50dbcaa41b15f09a17df6cd7222861733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
P3P
CP="NOI DSP COR NID"
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Robots-Tag
none
Expires
Thu, 31 Dec 1998 11:59:59 GMT
adition.js
imagesrv.adition.com/js/ Frame 3444 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787253&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=0&wi=237375833&ac=1&kw=%5Bmtp%5D%28cid%29406782912%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=728x90&prf[paappid]=&prf[paauction]=4295564537913537761&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad2.adfarm1.adition.com/ Frame 3444 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=2885600&gdpr=0&gdpr_consent=&ts=7180654632757234698&kid=5572862&keyword=PACS_4787253_17071378&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787253&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=0&wi=237375833&ac=1&kw=%5Bmtp%5D%28cid%29406782912%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=728x90&prf[paappid]=&prf[paauction]=4295564537913537761&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
348d4422b0acdfbfabf705f2fd628a099862171b1c3315a46248923d6a32aee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:21 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EE7A 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439277&tk_flint=pbjs_lite_v7.19.0&x_source.tid=74d39c23-64c0-4f02-ad1c-87ba3a4d7133&l_pb_bid_id=2b6237244f9ef9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8552294929296478
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5efc718ffbd25d055f3896f22b9c83f4ae2ab65a78eb60b504faea94525d381f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame EE7A 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=89388653885&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame EE7A 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cf321c12da9a150449d443d144279ea82360c8f8ee6825057974fe39fc31462a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
86ce2cbe-a742-44d1-bddd-b98f34e9aaa8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame EE7A 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame EE7A 		36 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229a37788b284cb3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439277%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439277%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221081c57bb3790ef%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2274d39c23-64c0-4f02-ad1c-87ba3a4d7133%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%229b99e6d7-67ea-4c9d-af3b-bf9d2fef40bd%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2b2e9f251fb5acfaa0c2c9451d5f80f307a41d4ba370c6f0f475b98f2fc269

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPFh44hBJfO1wsR6Mhy6iwxVxp%2FHhWeurzvSCOxSABgQbepYwhFsDixusB6OPIm67A2NxBwN5zi1qHFemCpA8Lwg4gpTkgSH4RcVuIK2yVWOYX%2FPI6Ttl1S7O63cx2b%2BeASRNJ1A"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878d7c8d696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame EE7A 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame EE7A 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame CFBF 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CFBF 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439291&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0e91913a-4b7d-499a-8338-47b7b209d500&l_pb_bid_id=4189f35559789f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.36907667779857056
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
70a9d907f920f8436f98885d781d91d92aa1fb5ed105c4453a091e81e747f69c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame CFBF 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=50691205325&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame CFBF 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame CFBF 		35 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2299c47eb4d8db5%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439291%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439291%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210d04fb597102c2%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%220e91913a-4b7d-499a-8338-47b7b209d500%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22e48707fe-4533-467d-b2c8-20111675c29e%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e6d857f645316767ac85175c5c6bca4e88fa007d200304fe79cc4a0704266

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSPANQ6xvOkSiWZ74ErXqsvG4BctbSkC3IuTTo%2B9Jz0GbZiUkFc7KW%2BnGFj2%2BM%2B0%2Bkgy%2FLptmW4Ayh3TuTSHp8BbxpCrj8Mqz3iZFepuNjh%2FQUHr9dksJeBEAWRd4pwkNz8n3icJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878d9cec696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame CFBF 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b21cdd22eaaa47b0545de5c314702421b7619a60c6410f1bf2ed160d8772d1bf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
b67dd0da-f045-4e8f-b797-aaf06a8b1842
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame CFBF 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 0F1D 		36 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221c608547fec4d9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439307%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439307%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222db7a5fced0de8%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22ff22cc7a-7b22-4f29-a5ef-08868138efd4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2256a9ccce-8c92-454c-9859-57b4a33fb7f1%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74916ff2fa701168d1a17f57c45a7c1d0d7236078edd742a6cdbf525348cc740

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oF6dtLefkeS%2Fg3NwbbYmbdP%2BC1jfpItS87fT%2Flm8Poxsi3uy0uCDYH5HSA4KfUgTqXAtlMd4Vfjtg7UFDlMxbk96CeywutvIr29hj8HZnjpgBJcoFr6Nk79C%2FLlUBPBdLJuhylj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878dacfe696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0F1D 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439307&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ff22cc7a-7b22-4f29-a5ef-08868138efd4&l_pb_bid_id=438c4df09de2c7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9952515200563901
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
651dfdd35892ecbce0cd0a82b9e5b86b2446b9d625df7f4c5c5259453f8d7103

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 0F1D 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=91794266805&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 0F1D 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5fec6ca8e5a0b4d0228c459697dee95a6a50ccdacf4188346923f2e896b18167
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
3d08e7b4-26a2-42eb-a265-07aab4722d0b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 0F1D 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0F1D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 0F1D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 07B2 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439314&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9a15db98-9734-4c2e-964f-8b20feebdacc&l_pb_bid_id=2b9985c54c695f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8807165807290376
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
60b5796388264c8f3cd36659abf0b7d724ee4cfe0407f07aeec0c601e6ca1278

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 07B2 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 07B2 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8b1a651f48c5fe359f5f25deaf96253b5b65bbffb92b21017e8c272301b9bb60
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
bfeadeda-89ea-4012-9577-8880bba41672
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 07B2 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 07B2 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 07B2 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=85854178291&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame 07B2 		37 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22138b9ef9a2c44bf%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439314%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439314%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22144d4b67afaa9a%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%229a15db98-9734-4c2e-964f-8b20feebdacc%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22bd57e578-89bc-4f18-a449-45c2ecb90053%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29e86726b34cdf55983d49f5567d4e72b2d6ae2742611ae00fc8a7c0733f38fa

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrMV5njzbSMdepFPN5WCEyzqzVG0kGl2TuFrPxOw4C3S5ZvqbR7J8XxRjgc6SmPKr0zwdPfSyxamqbpFRW0jvAMB9OzTOQy4EPlyF1jhY1BISPkkzgYfLAAP2h2nskX9M7xCx2LO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878dbd29696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
blacklist_script.js
tagan.adlightning.com/bidstream/ Frame A6EE 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/bidstream/blacklist_script.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/media?mid=0&cid=950&pid=0&zid=638&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=16954618&millis=20221224050716&hb_request=63491654&hb_bidder=appnexus&hb_cpm=0.0126&hb_adid=22e08c8cde22646&hb_dealid=null&hb_size=300x250&hb_async=ad-83406151&language=de&pvid=82898819&resolution=1600x1200&txid=79877780&frcn=0&sid=8&sver=1&tagid=ad-83406151&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bac775fd9265f93c4a28d2f651ad91b772db29751f0d310c64c098c52340555

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
n_cXLPnwS2W2b7y21oGZVfj6JD0qW77k
content-encoding
gzip
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
date
Sat, 24 Dec 2022 10:07:21 GMT
x-amz-cf-pop
FRA2-C2
age
3135
x-cache
Hit from cloudfront
content-length
16051
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:45:55 GMT
server
AmazonS3
etag
"b681413dcae1de3bd0f56f809dbfba22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
WHeuh_KRHM6Mbwyv25UmipIMwFO2Az4An6CK_YoPXjIR4miRmBDEaQ==
blocking_script.js
tagan.adlightning.com/bidstream/ Frame A6EE 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/bidstream/blocking_script.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/media?mid=0&cid=950&pid=0&zid=638&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=16954618&millis=20221224050716&hb_request=63491654&hb_bidder=appnexus&hb_cpm=0.0126&hb_adid=22e08c8cde22646&hb_dealid=null&hb_size=300x250&hb_async=ad-83406151&language=de&pvid=82898819&resolution=1600x1200&txid=79877780&frcn=0&sid=8&sver=1&tagid=ad-83406151&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e8ca6b4a169da3b4845f4d89ae7a1235744f7835ffd92ecb9c1e8282473c0a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Y_vLY_DLAQKoLsyq0fmD7ghPS75Bs66m
content-encoding
gzip
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 17:27:42 GMT
x-amz-cf-pop
FRA2-C2
age
59991
x-cache
Hit from cloudfront
content-length
33090
x-amz-meta-git_commit
8db6969
last-modified
Mon, 31 Oct 2022 20:28:28 GMT
server
AmazonS3
etag
"980f0389545a8d6afe3f14c53d65aaee"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
i1WCau7lm03v7SxTPDTvJfGi8dlNHkD46hOY7Cs0EgLQEPPpmaFZ5A==
interactive2.js
ads.bidstreamserver.com/js/ Frame A6EE 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/interactive2.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/media?mid=0&cid=950&pid=0&zid=638&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=16954618&millis=20221224050716&hb_request=63491654&hb_bidder=appnexus&hb_cpm=0.0126&hb_adid=22e08c8cde22646&hb_dealid=null&hb_size=300x250&hb_async=ad-83406151&language=de&pvid=82898819&resolution=1600x1200&txid=79877780&frcn=0&sid=8&sver=1&tagid=ad-83406151&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
2b68d3f00ef77a863aced01347d486c666e2203aeb549e94c49f580c78d8aa21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:21 GMT
translator
hbopenbid.pubmatic.com/ Frame ECC5 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame ECC5 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439324&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1238fbba-72dd-4367-8b14-e43229ddabc2&l_pb_bid_id=4691c16dbd0f2e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.28290678447765716
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a411d49da011f31a32b325944c76642882f2936af5caf775f19e416b238795de

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame ECC5 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame ECC5 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame ECC5 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
55ba377bc74e7ee39dab364a2b8af51e6b9c47509e79062ecd75de75b36e9f34
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
a12ea02f-c674-40b6-b092-981d6821f0d2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame ECC5 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=73547777056&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame ECC5 		37 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213141f053abc51f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439324%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439324%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221441e1487b45339%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%221238fbba-72dd-4367-8b14-e43229ddabc2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22fe25c341-66f1-4bf8-b9b9-3fc0658e6678%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1fef875d37f47a9e678bb2bc09d53020166cd070b24bb8b93f750e6fbb0121a

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cps9ornNh4WHf0A5u0PsnuEmwsHsUAPuMoIcc%2BXNSIMsfH47ZgYTFcixczXmj%2BphNS722kordhPHX3Ef4WT5lLYFM%2FraaOoAGomVICjVYk1dSiEi%2FtWh5DMOVmvyTjWbBhUn7lB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878ded72696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ Frame C3A1 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C3A1 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439352&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2976f72b-3f98-416e-9197-e2cc10ed7e33&l_pb_bid_id=42bd2913773029&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8111479622413131
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e3b6174a36f89a43f99fc21eb0329038be1f89a4bf2d30bb5e3f2080e3ab35ec

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame C3A1 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame C3A1 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b8ff2560628d56008101b3dbf9816112dae4fb8260c4be0617518ace2a7ddf17
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
82dc0394-dcea-48d7-912e-3b9130f7989f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C3A1 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame C3A1 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=77178501726&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame C3A1 		37 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221374ca72776bdfe%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439352%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439352%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214f268c551f66ab%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%222976f72b-3f98-416e-9197-e2cc10ed7e33%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%220c3f170c-fd1d-491c-81a4-252746e55344%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c528d65e263736a020939211d3f1354dfa0b51294eb41694ef84ad3574f7a8af

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6P8sQZAc38QhYEswSFKhG1DqkESHZPeuYugO%2FDEu54qrKz%2ByERQwQKNyi5X5%2B%2BdJ%2BRVPcFi66vs%2FsMtKErvIr4Dvt8G4m4ILTzHmy78v%2FMLG5tY7dn6rhAlI0PMOStZUDB1foMy8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878dfda1696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ Frame 7CDF 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 7CDF 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22443358914&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7CDF 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439340&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a2526487-9bcc-4003-990c-831afa1751c3&l_pb_bid_id=6c54e5101fba4c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3913737966874635
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e9d19a7beca7a47858434fe6010fd16dde093d7727e606485597973a697aa2b7

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 7CDF 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 7CDF 		36 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2293d05132448ec1%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439340%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439340%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210f9aac8a41b851%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22a2526487-9bcc-4003-990c-831afa1751c3%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2299fa77f1-89c7-4b5f-b947-65be2c6590c3%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29df9063cc35326fb19336ea1f1eb2620ed5c1df93f196e2f30cca89630d2d15

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAWFJw14CEKcb5d49V%2F%2F9durVmMMDXYsZo19FJzVkJSaEaUIdiWM7ayxI2rtN%2B8kV12uZw1vXFwSm2VxIySlU0w4lO1owY%2BBbDdFppGeoyDnmrFdNw%2BKO%2B6sw1E%2F3F%2BaJxEL5DBI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878e0dae696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7CDF 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 7CDF 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c9f82243c9f27518eb74bba4cdd5c29c1f9ca2d82be5fa51cd9a05484176cca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
a6f8a651-9e20-4891-bb24-9c37f379a5d4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 2B0F 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 2B0F 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223d8cf6cf25644f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439330%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439330%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2247738f7bd3c462%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22ad0388d3-a93e-444b-92ad-9a0a68e0e269%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22c5937c7f-36b3-418e-aeab-d50b86a9dd92%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fab49feac5843db4a0f22356fa647a21a3a6e110064233787ee39458ce73bd5

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1502LAS6sdLgp81%2Fr18ggfd%2B6WpNmQYof%2Fv77UCu5M5XiNqbD00gaxHvilOgN%2B7XH7c%2FpwYWkgdv42JnttNAICX92EIlzk%2FBSGyPNbmZXRljwbOaxxjR6rd2X5ES0xO04JHrbzJd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878e1ddc696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame 2B0F 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=36236772280&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2B0F 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439330&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ad0388d3-a93e-444b-92ad-9a0a68e0e269&l_pb_bid_id=886b140f35a937&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02180101697063197
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
188865543091a75a18231e72dfddcf87c9df931634165b25b3d041ad38ac42a4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2B0F 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 2B0F 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
792092647d8cfbd6e84146c87495b758b81619c30279ef624ff5946a952daf83
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
bbb38aee-456e-4d3b-b03c-6c936b26cea4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 2B0F 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
ImgSync
image8.pubmatic.com/AdServer/ Frame BAC3 		0
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156383
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame BAC3
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685625407808780
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685625407808780
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685625407808780
Date
Sat, 24 Dec 2022 10:07:22 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame BAC3 		95 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
000002447532.gif
imagesrv.adition.com/banners/273/files/00/25/58/ac/ Frame 8A4B 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/273/files/00/25/58/ac/000002447532.gif
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9Pydo9CJYdeZ1jRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoARyKSywAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-xYq2gjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjYyOECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY2Mjg=/bn=74492/clickenc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e3d228f21c1416847a787052cadbac5df6182bb7b5fb185d4edbf9dc225e5ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:21 GMT
last-modified
Tue, 04 Oct 2022 07:30:36 GMT
accept-ranges
bytes
etag
"2700043250"
content-length
2096780
content-type
image/gif
pbjs
htlb.casalemedia.com/openrtb/ Frame A88D 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215756e60ec1bcb%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439361%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439361%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22221222017f8678%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%224b41c34d-d7fb-4856-bc41-7aa927081268%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2295093c30-cb83-4715-8191-c2fa6d7c7c74%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca81830e9a59bf8bfcfb4bb8dc93c1b2b97178832968fa65e51893ea6383fca

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPVr%2FHRnxadVT4LOzhSCjBpGw%2BvtcKZpsm%2BzoTMEGcc%2B36Fj58s0GnV8TSbdxGeJBH1si27R%2Bpk4jciyK5R2uD3wvO7F6COyc65SfF95AsoVLmyC2xnR3pPD3t2XawpoHCp1xJ5z"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8878e5e60696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame A88D 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A88D 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439361&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4b41c34d-d7fb-4856-bc41-7aa927081268&l_pb_bid_id=684bd03eb3f08e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23063714888787423
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3ad2b2b9af8ac09857eefdde6924624f0c8bc6147a869875bfd2bbe81f94629c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame A88D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame A88D 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=18904887256&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A88D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame A88D 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c0935b8468a6aa80443c834455aced4f5c28fd6ec2eddd7c81cb57cd90374490
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
17e5eaed-0056-4021-8afc-13c7a23644f4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 64B6 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAAFNTXJCJJJ6N
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
jBlf9FdD9KbbhnAFx4NA/lMdybupLdPlhkpSWkn92J2dLL7oN0S3J8vMulnI6xl4G4vlqflcH8o=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876440.dop004.fr8.t,1671876441.cds260.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15266
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame 64B6 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXhXNpJ5k0yoBoHuZR6aRC9Zvw9s5NwqaapkkrdywHHQkpA1f8gPeddvPrg%2F2dcW4Jv0IjY61iQusEEcQBsnjslSmfc6bkIaAseh%2F3XO%2Bs9yYvJey%2FPfxnFNvyg%2B%2FgdiCVo8wfHTIzoONnpr4uvXINom"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8878e6a839b5b-FRA
expires
Thu, 14 Dec 2023 10:07:21 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame 64B6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876440.dop139.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1099
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame EC34 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAKCN90Q9PME8W
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
7fnC0xP1SetsKtKpzqjHTWFnfaqJ+Ih/vEnk9lztgC8Pz8xmtvUBO+PlLvQu2YgZ9pLpvAaqMlU=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15902
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame EC34 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTheTm1X06L96Eh4IygaHbVhB1eP5ukzuribNsf4fm6ODboLhM42LiXKiXC4XV5ZjN1acT%2FtPyIO4iKk4lQyY5dykwU26LddoMkITqtg79bk8vTCzSBGCjBzzCZRx%2F5OtwllrIWrOIBGoh3MW2yNyp%2Fy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8878e9ac49b5b-FRA
expires
Thu, 14 Dec 2023 10:07:21 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame EC34 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876440.dop133.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1099
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame C39E 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAKCN90Q9PME8W
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
7fnC0xP1SetsKtKpzqjHTWFnfaqJ+Ih/vEnk9lztgC8Pz8xmtvUBO+PlLvQu2YgZ9pLpvAaqMlU=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876440.dop139.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15902
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame C39E 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rxRMBw3zdJxScVINAq5xAT0v5yx4awAzk04nYsJHidrl4wnZ3zoVGFSJ%2Fuy3tTyUzWfYoMSYtjafomqDzwNw9NKVtIHyQXeesHUhCmYT5dUc%2Fs9xI5gKTDK1DLa7f4gxcKShR9%2FInCjmKEZ59xJFZn1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8878ecb1e9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:21 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame C39E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876440.dop144.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1099
Accept-Ranges
bytes
banner
ad4.adfarm1.adition.com/ Frame 67CC 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9PylL6_YYHHgnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAoiEAmAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-Rae2QjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjU0NUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY1NDU=/bn=99145/clickenc=
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
fe6ff091003702c9fb1bc270130641e902d2699b7ceefee69da48175f287d7f8

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 11:07:21 +0100
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
server
ADITIONSERVER v1.0
async_usersync.html
acdn.adnxs.com/dmp/ Frame DD06 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53029
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:21 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270955
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876441.426434,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame CE34 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLIDfBMyAYAAAMA1gAFAQjWnpudBhCplq23j4OHvCcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMmGBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRbjktTEFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpVME5lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUk01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS1SYWUyUTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAVUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkMR0c0SDFlADIdGABIHTAMSGdBaUWhAQHwQER3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHNDUwNjE4OPICEgoGQ1BHARQECDFtowEVCAVDUAEUAAl1ojzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAVCSBYQ09ERRIJTEFNQk9fMTM28gIMCghDUEcJGBwA8gILCgdDUBUOEBAKBUlPAWoIBzc2hTUFIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwVCghTUExJVAFNGeLwhoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo2NTQ12gQCCAHgBAHwBKWiIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBavvSfoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBv8L2gYWChAJERkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHyYYG0gcNFWQBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=a047588dfa4be484219f9e57479d4d0523364091&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dglwywkm%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dglwywkm%26e%3D1971603729092&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
b9749309-5b83-4694-ac55-06692354bb27
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame CE34 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575128
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876441.426199,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166493
it
fra1-ib.adnxs.com/ Frame CE34 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCplq23j4OHvCcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMmGBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRbjktTEFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpVME5lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUk01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS1SYWUyUTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAVUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkMR0c0SDFlADIdGABIHTAMSGdBaUWhAQHw10R3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMTY5I0ZSQTE6NjU0NdoEAggB4AQB8ASb0ra5AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfJhgbSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=dddf42c511fd6792a7099667b02fb97035e818b3
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
56e8e328-bd31-435f-abce-1563fa5db05e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1193981/66062622/ Frame CE34 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/rjss/st/1193981/66062622/skeleton.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame CE34 		44 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn361438&cr=388868379&ce=esome_com&pc=AP_278580922&ci=nlsnci1671&am=4&at=view&rt=banner&st=image&cy=1&gdpr=0&gdpr_consent=&r=55309941
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
ZT5ssoLXHbfzJGTwGuckAmBiBEh97qgOOfHs1RdyR0au8Lxx5SxtwQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame ED46 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAAFNTXJCJJJ6N
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
jBlf9FdD9KbbhnAFx4NA/lMdybupLdPlhkpSWkn92J2dLL7oN0S3J8vMulnI6xl4G4vlqflcH8o=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876440.dop004.fr8.t,1671876441.cds260.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15266
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame ED46 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9zyEZ1s8ByW6IBJDONzGSuJxf5HNBLjtkPadfKfAmLzNWPOtJxKXEWe6HbRatOB2LlcG2Ac9VtyLW1VfsaOMmmXb5xdUacmfxz3iDMCgQCrDUGvJxLckJFfs9neyIUK1SAIA9M%2FncEFTUw3Z2qh678M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8878efb649b5b-FRA
expires
Thu, 14 Dec 2023 10:07:21 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame ED46 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1099
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 1A6B 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAKCN90Q9PME8W
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
7fnC0xP1SetsKtKpzqjHTWFnfaqJ+Ih/vEnk9lztgC8Pz8xmtvUBO+PlLvQu2YgZ9pLpvAaqMlU=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876440.dop144.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15902
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame 1A6B 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUmfvBJoxQu741x0IPyZw7JRqVuEKpTMaIm3GEw3GvlrDYD6fiv5Nb1OAlqiPrm7qkjoTqAgHk5iR6opZv6bzxf2sqN8dIXFgv%2BLdB0LabadyirrDsdbf6bR4imJUP9vRBujR6l%2B9zmDHljU4kRR5JL6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8878f0b879b5b-FRA
expires
Thu, 14 Dec 2023 10:07:21 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame 1A6B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876440.dop133.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1099
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame E2E0 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAKCN90Q9PME8W
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
7fnC0xP1SetsKtKpzqjHTWFnfaqJ+Ih/vEnk9lztgC8Pz8xmtvUBO+PlLvQu2YgZ9pLpvAaqMlU=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876440.dop144.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15902
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame E2E0 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZI6C1ILS76BVg98KcKBA5htrddRo8WPfWW%2FzEx7n8VplxcvassyYYQa0OrAuLB7QSKf2SCfgm7Xf6kSjSBwKnrMiwnIp9wyt%2BO3BnaYM52Vxr069yZsOghDi9XgDR9WHmPBUkDD5ovtW7d1ahWWtqao"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e8878fdd069b5b-FRA
expires
Thu, 14 Dec 2023 10:07:21 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame E2E0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876440.dop133.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1099
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 9A07 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAKCN90Q9PME8W
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
7fnC0xP1SetsKtKpzqjHTWFnfaqJ+Ih/vEnk9lztgC8Pz8xmtvUBO+PlLvQu2YgZ9pLpvAaqMlU=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876440.dop133.fr8.t,1671876441.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15902
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame 9A07 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzl9D3nmgv0dPW8baNmHTtlPdloMMqx2wKB4wiOcUSUnJDYF99HJTw1%2BnLYEKbZ1d6LS%2FEg5U6bSyEh8Dbtw6d17uCNoTv4j7PvOuj%2F99LWYRnCILPZn%2BJk6QXAEsJ1XUc%2FU06YnXi1isiCuMNE3%2Fbim"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e887902d959b5b-FRA
expires
Thu, 14 Dec 2023 10:07:21 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame 9A07 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
x-amz-request-id
ND6WHQE4CAZGGY08
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
wU0Df1ig04P+/bV+L2BlTter3U8cB8SIxnpoDXCrxZ/mdkv5/4xI716eCl0xZNH1wZPRlmAObwM=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876440.dop004.fr8.t,1671876441.cds260.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
demconf.jpg
dpm.demdex.net/ Frame 60A4
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-017f03edc.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
kg4s2hCuRvQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
y6N8AcORTDE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame B35F 		402 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.67.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-67-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Sat, 24 Dec 2022 10:07:21 GMT
Instance-id
i-0cbed9545c750d8cb
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
c1ce3320-8372-11ed-a5f4-0aab6c940bfd
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
demconf.jpg
dpm.demdex.net/ Frame 5B14
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-05e780d2b.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7sZCYM96SMY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-02cc342ef.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
dphKTHIzSYU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 3BF9 		402 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.67.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-67-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Sat, 24 Dec 2022 10:07:21 GMT
Instance-id
i-063ee0ce579eb75fa
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
c1ce5a30-8372-11ed-8646-024def20c865
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
banner
ad4.adfarm1.adition.com/ Frame BCC6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787252&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&wi=923447651&ac=1&kw=%5Bmtp%5D%28cid%29406782908%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=300x250&prf[paappid]=&prf[paauction]=8202722112698786336&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787252&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=300x250&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=8202722112698786336&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)406782908[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fyq8V4zQk4D-77vLtcNrYPwAAAIAUruc_Rxz1wmt_5D_H155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521-hFt-AjJo5YaELyH_MEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
eb91f6b6ad53658e45219d8163fdb35144c18242294a26469305fd4faac6c1d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:21 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 77F6
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0333db6ef.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
2v1eypdjQoc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-02fc48b13.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vSlLBi/eSoE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 20C0 		402 B
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.67.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-67-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Sat, 24 Dec 2022 10:07:21 GMT
Instance-id
i-031be3f93af6cac74
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
c1cecf60-8372-11ed-9a0f-06e6a854711b
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8045 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Origin
https://flashnetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 8045 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24035859.271673552;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=5127083361354022725;crid=273202276;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3210668679;ord=wczkoj;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FNZ2dDI6Shz9rruNPfpGBPwAAAIA9Cu8_a67jT36RgT80nZ0MjpKHP0V_UhcnDydHjRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAABkvEgQnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoA5yI1AAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521eRZTYwjV4JUXEOT4ooIBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NTY4NUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjU2ODU%3D%2Fbn%3D75884%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1004;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8045 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
ca
choices.trustarc.com/ Frame 8045 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=728x90&c=345246278&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=345246278&sz=728x90&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
53df44749e757fa59dc556d6051ff22db3550d416f0c62025486f981c1cd1609
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
61coN-rnmb6K6IC-9yFbsxJTuRtIudKnnX6HR8-vL7mG-5uEtJqC2A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame BF67
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-071cdea73.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dTwnzK5CTRg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-0df7a788e.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
uY9bziGsQlI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame D10D 		402 B
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.67.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-67-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Sat, 24 Dec 2022 10:07:21 GMT
Instance-id
i-013f5ad57f7e2cf96
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
c1cecf60-8372-11ed-816f-0218e39c04c3
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
demconf.jpg
dpm.demdex.net/ Frame 7502
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2001415.html
Protocol
HTTP/1.1
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0cc0feb7f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UVLWT4J6Q8c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-08c859e6d.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
W3IABGTTTRw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=4b5d332ddeaee719729a2cbacdf7898e
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 1589 		402 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.67.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-67-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Sat, 24 Dec 2022 10:07:21 GMT
Instance-id
i-0fc5970cf1159337d
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
c1cef670-8372-11ed-917e-0aeafbebf547
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
B28229300.341734671;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;aucid=395398358634871920;crid=372961557;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_CO...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame D573 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B28229300.341734671;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;aucid=395398358634871920;crid=372961557;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=2120841755;ord=5u1oyt;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F8FAU6BN5gj9GICCYEYl7PwAAAIAUruc_RiAgmBGJez_wUBToE3mCP3A8NFe2vHwFjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAA6h8AAAIAAAAV8ToWnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAaCGoSQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XBZEVgjIhNQVEJXi67EBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NTY4MUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjU2ODE%3D%2Fbn%3D76861%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1199;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
742f7355080a61bd7b067016c8eb7ebe29ac80e34dd83e95197acf3584b943c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27912
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F0C 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B22045245.235138843;dc_ver=92.271;sz=728x90;u_sd=1;aucid=2378070731381729339;crid=240637446;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504469854;ord=qvptfr;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FMUJ4tHHEij8gkyrgDvODPwAAAIA9Cu8_IJMq4A7zgz8xQni0ccSKPzvowgq7mgAhjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAG1lcOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAiiM4JgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521DhYmNAjn4pUXEIas33IYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2Mzk1QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjYzOTU%3D%2Fbn%3D98890%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1014;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 2F0C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B22045245.235138843;dc_ver=92.271;sz=728x90;u_sd=1;aucid=2378070731381729339;crid=240637446;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504469854;ord=qvptfr;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FMUJ4tHHEij8gkyrgDvODPwAAAIA9Cu8_IJMq4A7zgz8xQni0ccSKPzvowgq7mgAhjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAG1lcOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAiiM4JgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521DhYmNAjn4pUXEIas33IYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2Mzk1QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjYzOTU%3D%2Fbn%3D98890%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1014;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2F0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFHruzd3NiXSm5Okp1uLs30dedcNH56-sxcfX_Ul1HQMfAp3AV5XtxI4S5rggBeTo4fqV4d9AL_eYY1MY5lGxVsEqml58dOx8ul9xRL-iKtaFxdSQDYNDD0a87Zf2V6zpEAwGPPLL3M3AF0zQKdP_hwbQPPg&sai=AMfl-YQ3iN8sl-b3KBZdkRejZxa1LFN4SxyDx2YbxAPuWp1ei8NfdB2CeX3oMLccmlMLMkPcf_xezqc3AYW7VflOZZRNYxTuK1goVQwFrkou&sig=Cg0ArKJSzMGeBAhNzbiDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.26517&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B22045245.235138843;dc_ver=92.271;sz=728x90;u_sd=1;aucid=2378070731381729339;crid=240637446;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504469854;ord=qvptfr;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FMUJ4tHHEij8gkyrgDvODPwAAAIA9Cu8_IJMq4A7zgz8xQni0ccSKPzvowgq7mgAhjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAG1lcOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAiiM4JgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521DhYmNAjn4pUXEIas33IYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2Mzk1QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjYzOTU%3D%2Fbn%3D98890%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1014;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:21 GMT
ca
choices.truste.com/ Frame 2F0C 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=22045245&js=st0
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B22045245.235138843;dc_ver=92.271;sz=728x90;u_sd=1;aucid=2378070731381729339;crid=240637446;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504469854;ord=qvptfr;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FMUJ4tHHEij8gkyrgDvODPwAAAIA9Cu8_IJMq4A7zgz8xQni0ccSKPzvowgq7mgAhjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAG1lcOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAiiM4JgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521DhYmNAjn4pUXEIas33IYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2Mzk1QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjYzOTU%3D%2Fbn%3D98890%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1014;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
f70979cd416422e7424e08403d35026e241a1dd2bf3c705d255acb200eae9d13
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8029
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
MtPi0jRdLnXfmfHzIqATeHzNc4EAwqIeFdZar71LVRQ2MIv75cUSMg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2F0C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B22045245.235138843;dc_ver=92.271;sz=728x90;u_sd=1;aucid=2378070731381729339;crid=240637446;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504469854;ord=qvptfr;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FMUJ4tHHEij8gkyrgDvODPwAAAIA9Cu8_IJMq4A7zgz8xQni0ccSKPzvowgq7mgAhjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAG1lcOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAiiM4JgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521DhYmNAjn4pUXEIas33IYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2Mzk1QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjYzOTU%3D%2Fbn%3D98890%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1014;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
6465422836001442454
s0.2mdn.net/simgad/ Frame 2F0C 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6465422836001442454
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fcxutwsyos&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7909570b779fbfad32140f51531d5556f1f14d18153c0776ed1e571f9495b60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 11:19:56 GMT
x-content-type-options
nosniff
age
514045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61087
x-xss-protection
0
last-modified
Fri, 04 Sep 2020 17:47:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 11:19:56 GMT
dcm
beacon.sojern.com/imp/ Frame 2F0C 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=2378070731381729339&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=240637446&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fcxutwsyos&e=1535582086632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.trustarc.com/ Frame 2F0C 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=728x90&c=1038714079&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1038714079&sz=728x90&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
cc63c1d06a8544ade6cd9cbf1c01d02df0decafec7414c3838349473f76dfb50
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
b0d0Llgb-hxmv-4uNvhFUWzRmJOkBkVO3ad0GaFRp_NtYp0ukcL8ow==
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 2670 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2670 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2670 		534 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3161750156154967&correlator=637016928621740&eid=31071221%2C31068367&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21671350435%3A22712312433%2C300x250-forward.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3815971526&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876441718&lmt=1671876441&dlt=1671876438061&idt=2416&adxs=1170&adys=3802&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=2g0gifoxarn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ref=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&top=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=550322770.1671876434&ga_sid=1671876442&ga_hid=294684609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ec690ccdc5918020921360eb819808d4f4140c29471115ddad670cfa9afaf0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2670 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c83fbfb400086629d2d7afb35b65757fd1f454f33ce2a4701a018904025b4ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11304
x-xss-protection
0
container.html
dd03b60b7cea74449bd5679d8ed8afe5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dd03b60b7cea74449bd5679d8ed8afe5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:21 GMT
expires
Sun, 24 Dec 2023 10:07:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3516 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Origin
https://flashnetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 3516 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24050075.272021061;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=2665707921651158563;crid=277208876;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=1796769762;ord=194xxb;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FBdhHp658hj9vXRrQZcKAPwAAAIA9Cu8_b10a0GXCgD8G2EenrnyGPyNO9jA7f_4kjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAs34UQnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAaiRLbAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521SRaYUgjgxv0SEKy-l4QBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NjYzMECIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjY2MzA%3D%2Fbn%3D99396%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1007;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3516 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
ca
choices.trustarc.com/ Frame 3516 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=728x90&c=1238630086&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1238630086&sz=728x90&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
6eb9b2c1d404a4b912ab9d2004bd9be92decbde5873bec003c34f19a3483c701
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
vHxYpAW8So3jF1_0QDknn2QUvQf0ilZXoOLCTNh4NO4gh4U97XuWhQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BE2C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Origin
https://flashnetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame BE2C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24120111.272942961;dc_ver=92.271;dc_eid=40004000;sz=728x90;u_sd=1;aucid=2515534623547100295;crid=240664030;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=1597316667;ord=4gx07e;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F0ytlGeJYhz_aJEHjgmaBPwAAAIA9Cu8_2iRB44JmgT_TK2UZ4liHP4eMuIhp-egijRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADePVgOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAdiXlzQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521cRbLWQi3ktUVEN774HIYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2NjE3QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjY2MTc%3D%2Fbn%3D99354%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1017;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BE2C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
ca
choices.trustarc.com/ Frame BE2C 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=728x90&c=1988710481&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1988710481&sz=728x90&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d28d908a1a394a8e9ed6aa4b494540dceb1c1d5177dcc904e818fbdfc1cfac2c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
V4T3qJCPw6Y74AXZoiWEGj1R_3EmD4nwGeb04D5n_Ge820eLyGn0XA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adv.office-partner.de/ Frame 490A 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fforward.com&random=5930284631568&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Sat, 24 Dec 2022 10:07:21 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Sat, 31 Dec 2022 10:07:21 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
atvi
index.html
www.parship.de/wplp/htlp/de/ Frame AD68
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=44963500034056600951421012183010&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
558 B
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fforward.com&random=5930284631568&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control
max-age=30, stale-if-error=432000
cf-cache-status
HIT
cf-ray
77e887943dd29036-FRA
content-encoding
gzip
content-length
325
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 10:07:22 GMT
last-modified
Mon, 28 Feb 2022 14:30:12 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
location
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server
nginx
server-id
12
x-robots-tag
noindex, nofollow
link.html
track.webgains.com/ Frame 3B7F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=44963500034056600951421012183010&nw=1
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.252.217 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-252-217.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
40875a2d79a324819af209317194bc0450758862339e0ad2e4780655027dd1c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
last-modified
Sat, 24 Dec 2022 10:07:21 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 24 Dec 2022 10:08:21 GMT
activityi;dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607
5994599.fls.doubleclick.net/ Frame FC81
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607?
391 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607?
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
6c6cd502f1e054c453489f8f1fa139e40a4c49489857e78bd4150718eaa24fd5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 10:07:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900010.redintelligence.net/ Frame 2AEF 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=9odysa1gd1m7&nw=20&renderingType=javascript&namespace=80b1edea75&subid=&uid=78c8377b5e12e4a7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D606178722513727505%26mt_id%3D6622401%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fforward.com&random=5930284631568&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c92b40ea14511c55600eea6ac416a4439591e23e162c5d5bb9f7cd6dea66f734

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2102
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Dec 2022 10:07:21 GMT
Expires
Sat, 24 Dec 2022 10:07:21 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 3B7F 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=44963500034056600951421012183010&pv=1
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.199.220.85 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-220-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7DD0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53029
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:21 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270959
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876442.783678,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 3B7F 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QL9EfBM_QgAAAMA1gAFAQjVnpudBhCp26f54pGY1xEYja-4qpOZ7ppWKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAgD0K7z8hQhwM8R89oz8py7kJJPDlMQAAAEDhepQ_MJeHhQw4mFBAHUgIUJmOu7YBWJ7Nf2AAaLHylwF4utcFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJQoPW1JBTkRPTV9OVU1CRVJdEhI2MDYxNzg3MjI1MTM3Mjc1MDXyAswBChpbVU5FTkNPREVEX0NMSUNLX1JFRElSRUNUXRKtAWh0dHABfDRwaXhlbC5tYXRodGFnLgGCoGNsaWNrL2ltZz9leGNoX2FpZD0xNTExMjQ0NTA1MTQ2NTIxNTMwJm10BRsMNjA2MTZ9ADQmbXRfaWQ9NjYyMjQwMQEOKGFkaWQ9MjE2NTM2AQ8oc2lkPTQ1NjIzMTIBDwRleAFiADMBCxRpbmFwcD0FXEBvcz0mcmVkaXJlY3Q98gIXCj0VYGdkcHJfc3RyXRIA8gIZChRbQklEX0FUVFIJGjhmbGFnXRIBMPICHgoUW0ENGzBhZHZlcnRpc2VyXRIGCY0Q8gIdChIVISxjcmVhdGl2ZV0SBzYJvBDyAicKERldGGJpZF9pZF1WcQG4vAoKEltOT1RJRklDQVRJT05fVVJJXRKlCjxpbWcgc3JjPWh0dHBzOi8vdGFncy4ucQEUbm90aWZ5NXIYPWFwbiZzXyF9BQvwRmlkPTVhVzk1cTJqTHpJekx5QXZUMWRhYTA5VVJUQmFWR04wVFdwV2FVOVRNSHBhUjAwelRGUkJkMDFFUVhSTlJFRjNUVVJCCRAEZE4BEPCwTHpZd05qRTNPRGN5TWpVeE16Y3lOelV3TlM4Mk5qSXlOREF4THpRMU5qSXpNVEl2TVRNdlpsVnpkak0yV2xoTllrVklRbm95TlZBd2JHeGpZVU5MUTJ0Vk9Hd3daalJNYXpOcmFITjVURkpxUlM4eEx6RXpMekF2TUM4NU5UWTRNRE12TVRNMU9EZzVNRGcyTUM4eU1UWTFNell2TmpVeE9EY3hMekV2TUM4d0wwMUVRDbgAVAHIJEUxRVFYZE5RekIJEAgweFUBEAxSRUYwBSAAMAkgAegFEBB5OHdMegV8BQh0TmpBMk1UYzROekl5TlRFek56STNOVEExTDNweWFDASR8RTVOUzgwTmk4NU9Ua3ZNekl5THpnd0xqSTFOUzQzTGoBTPBpNHdNREF2TVRZM01UZzNOalF6T0M4eE5qY3hPRGc1TURNNEx6RXpMekV3TWpZMEx3L2dmeVdsSVJwMWdfME5ZaWl5ZVhSSGxBY2MxVSZub2RlaWQ9Mzc0OSZncm91cD16cmgmYXVjdGlvbmFLRmQDGHBic19hdWNmIQAcc2hhcmRrZXlOoQMugQMAYwFgSe9AJmJwPWFfYWVmaWlhJm1pbl9B8SB3aW49JHtBVUNF1PCVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTMzLjYwJnR5cGU9aW1wJmNsaWVudD1jMnMgd2lkdGg9MSBoZWlnaHQ9MT5ceDNDZGl2IHdpZHRoPScxJyBoZWlnaHQ9JzEnIHN0eWxlPSdkaXNwbGF5Om5vbmU7IG92ZXJmbG93OmhpZGRlbic-AUNlZgB0BS40bGVmdDotMTBweDt0b3ANChAgcG9zaSEvJDphYnNvbHV0ZSdllgQnaG2XAHBCCQUQZXZlbnRll4nSGDEzNjg4NzWBqZHSLDc2NCZ2MT0xMyZ2Mk5qASx2Mz02NTE4NzEmdjSV9AR2NS4dBURuc3luYz0xJm5vX2F0dHI9MSctJAAnNgsBBC8-UucAADkR5gEJguUAAHQ-fAQZ5AB0Ia0obW1JbXBUcmFjayaVgABiQSJGggIEc3QV0SR0aW1lPVtJTVBfpYUBDwRdJl3VctIA8HkvZGl2PoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBOXPWIgFAZgFAKAFuu-T0O2bwfwUwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGSSAcyAe61wXSBw0VbgEvCNoHBgFncBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=5f9d94cc82c3e40fe9c9f8941850ee41fa4ce4e9&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsnklkezbm%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
f39802a9-7484-4d24-9891-d6c3a8093ad3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame 9A69 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787252&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&wi=1313897205&ac=1&kw=%5Bmtp%5D%28cid%29406782908%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=300x250&prf[paappid]=&prf[paauction]=7452539783848812721&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787252&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=300x250&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=7452539783848812721&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)406782908[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc_R8XGl-xq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX-gjJo5YaELyH_MEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
60c86800185db64bf0de32adac55bb2a788cbbc9ed0bb086c67da55135a11bdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:21 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
23684.js
ads.rubiconproject.com/ad/ Frame 2752 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/23684.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=638&fcid=950&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=41201069&millis=20221224050716&hb_request=98989297&hb_error=decline&friendly=friendly_41201069&language=de&pvid=82898819&resolution=1600x1200&txid=29916087&frcn=0&sid=8&sver=1&tagid=ad-15977849&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1517
access-control-allow-credentials
true
content-length
8916
expires
Sat, 24 Dec 2022 10:32:39 GMT
interactive2.js
ads.bidstreamserver.com/js/ Frame 2752 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/interactive2.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=638&fcid=950&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=41201069&millis=20221224050716&hb_request=98989297&hb_error=decline&friendly=friendly_41201069&language=de&pvid=82898819&resolution=1600x1200&txid=29916087&frcn=0&sid=8&sver=1&tagid=ad-15977849&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
2b68d3f00ef77a863aced01347d486c666e2203aeb549e94c49f580c78d8aa21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:21 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://forward.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 10:07:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
572836
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 2249 		49 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QJmSBAA1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/ Frame 2249
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=j5keZXxqTHhQSW9SeVMzRDgwa2lrMFN0azRWTWh6SE5rREVCdkxMUy80ZjlIR2lIR2FObW1jTDRwdm52OFAyR2ZYTURpVkNjVy9hUm5RVzUrMm1QUXY4N3FPVi9Nd2YyOUo0TG1SSElZZFFpU0tkL0NSbGI1UmozckVDYz...
354 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j5keZXxqTHhQSW9SeVMzRDgwa2lrMFN0azRWTWh6SE5rREVCdkxMUy80ZjlIR2lIR2FObW1jTDRwdm52OFAyR2ZYTURpVkNjVy9hUm5RVzUrMm1QUXY4N3FPVi9Nd2YyOUo0TG1SSElZZFFpU0tkL0NSbGI1UmozckVDYzB3OWFTMWYxbWZKVld0NDRpemk4Um9QYXZpUmYyRUIrUUlnMjJnVjdNdGZnOHErWDFyQzRpVGxzUVM0TkY2dFhaRmtSbnJxUUlTdHhpMC9YZm03K09OOUcyK2FQSnpCSE9nY09yWnNOZDNPMWIzWmpCRUJFPXw&cppv=2
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5161cd3c7b671b9f201edd8e9539a300fc0fa7bda6bf8cc9ce39033f8de376dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2044290
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=j5keZXxqTHhQSW9SeVMzRDgwa2lrMFN0azRWTWh6SE5rREVCdkxMUy80ZjlIR2lIR2FObW1jTDRwdm52OFAyR2ZYTURpVkNjVy9hUm5RVzUrMm1QUXY4N3FPVi9Nd2YyOUo0TG1SSElZZFFpU0tkL0NSbGI1UmozckVDYzB3OWFTMWYxbWZKVld0NDRpemk4Um9QYXZpUmYyRUIrUUlnMjJnVjdNdGZnOHErWDFyQzRpVGxzUVM0TkY2dFhaRmtSbnJxUUlTdHhpMC9YZm03K09OOUcyK2FQSnpCSE9nY09yWnNOZDNPMWIzWmpCRUJFPXw&cppv=2
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
293519
content-length
0
expires
0
id
id.crwdcntrl.net/ Frame 2249 		43 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=15969
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://forward.com
cache-control
no-cache
x-server
10.45.26.3
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 2249 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
67d59e59ab78914bef31e6a4edd0153a62a5f8be5d635783b43e0640f5473388

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forward.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:21 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://forward.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 10:07:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
435466
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame B945 		49 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QJmSBAA1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://forward.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
sid
mug.criteo.com/ Frame B945
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fforward.com%2F&domain=forward.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=M3jHYXxWa21DS1pjNGpyOU1kd21xNjNGcFJMcHgyRWQzbWVDSmUvYzF2VTcxbS9oQnRpZUU5Rm1QejUyQ2dISzBUazNKMm55cHNmM2gvRVdNWEl2QWhrMW4xM3ZxMHFqMUVIbnVvYkIwTjh2bER6SVVtc3JhRmtKZG5POV...
359 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=M3jHYXxWa21DS1pjNGpyOU1kd21xNjNGcFJMcHgyRWQzbWVDSmUvYzF2VTcxbS9oQnRpZUU5Rm1QejUyQ2dISzBUazNKMm55cHNmM2gvRVdNWEl2QWhrMW4xM3ZxMHFqMUVIbnVvYkIwTjh2bER6SVVtc3JhRmtKZG5POVhLdkFILzY0ZURpMFV3T000emFzbjJRQ0JqcjJ1MGxZMXNCNUxpcFV4WmErT3AyQzRpOUwvWUlzbC8zbGxuVVFIeWNKS2xFTG5PR3dMR0JraFRZckd4NkhBRFpDenFaTWJMaUNyM0Y1UlBMRytNcXhkOEQ0PXw&cppv=2
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
56e7e9c260d393a4eda7a03a2d25058bee875f9d54c83731c1d8ffcfdac7fdec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1032948
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=M3jHYXxWa21DS1pjNGpyOU1kd21xNjNGcFJMcHgyRWQzbWVDSmUvYzF2VTcxbS9oQnRpZUU5Rm1QejUyQ2dISzBUazNKMm55cHNmM2gvRVdNWEl2QWhrMW4xM3ZxMHFqMUVIbnVvYkIwTjh2bER6SVVtc3JhRmtKZG5POVhLdkFILzY0ZURpMFV3T000emFzbjJRQ0JqcjJ1MGxZMXNCNUxpcFV4WmErT3AyQzRpOUwvWUlzbC8zbGxuVVFIeWNKS2xFTG5PR3dMR0JraFRZckd4NkhBRFpDenFaTWJMaUNyM0Y1UlBMRytNcXhkOEQ0PXw&cppv=2
access-control-allow-origin
https://forward.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
349233
content-length
0
expires
0
id
id.crwdcntrl.net/ Frame B945 		43 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=15969
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://forward.com
cache-control
no-cache
x-server
10.45.0.211
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame B945 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161217/5905/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
67d59e59ab78914bef31e6a4edd0153a62a5f8be5d635783b43e0640f5473388

Request headers

Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forward.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 10:07:21 GMT
B24055176.272288642;dc_ver=92.271;sz=300x250;u_sd=1;gdpr=0;aucid=3973708468614784229;crid=240739685;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%2...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame A4FA 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24055176.272288642;dc_ver=92.271;sz=300x250;u_sd=1;gdpr=0;aucid=3973708468614784229;crid=240739685;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=4185398266;ord=lgja5i;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fpk5AE2HDgz-KdpTRaHV9PwAAAIAUruc_inaU0Wh1fT-lTkATYcODP-XkvnDMciU3jRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAA6h8AAAIAAABlZVkOnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoACSUMwQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lhZqagi93NQVEOXK5XIYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2NjIxQIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjY2MjE%3D%2Fbn%3D99372%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1182;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
dfe8b3a3d3846a2115ef6de117289c8248080f2602a5951e3116734af14b430c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28056
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5B39 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
73e84456-2d1a-4533-b015-5a21a1aad7f1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 4B98 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4B98 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forward.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4B98 		533 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4368276508956948&correlator=1239958498267319&eid=31071222%2C31068366&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=21671350435%3A22712312433%2C728x90-forward.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=617174094&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D00d71eeb7218a6f1%3AT%3D1671876435%3AS%3DALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A&gpic=UID%3D00000b97e6383860%3AT%3D1671876435%3ART%3D1671876435%3AS%3DALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA&abxe=1&dt=1671876441944&lmt=1671876441&dlt=1671876438310&idt=2421&adxs=436&adys=5630&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=5i31wctylfqx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&ref=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&top=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&frm=23&vis=1&psz=728x90&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=550322770.1671876434&ga_sid=1671876442&ga_hid=99939474&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1aca8dd76d75f129f8b9df1dc6220d1440c4c55fd3c0cea4d67c7dd645d02139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
268
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forward.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4B98 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3f7432bb497ce29f14ee5e692b0fcb2b565e6a80ee6a790d60e8ac90613ee8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11096
x-xss-protection
0
container.html
5a0b7fa0b7bc097353a0829cd558de54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8009 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a0b7fa0b7bc097353a0829cd558de54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sun, 24 Dec 2023 10:07:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 84A8 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
3dae27cf-8e1c-4e03-a567-ae71fd5c81ec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 24CB 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:21 GMT
AN-X-Request-Uuid
dfe6969f-1b42-4b74-90b0-c853018801ac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
n.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:21 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
async_usersync
ib.adnxs.com/ Frame 091D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
14143f18-a8a2-4b17-bd57-e97658c5babb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 3BBC 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
setuid
prebid.bidstreamserver.com/ Frame 64CC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=98018288-e3c9-4b5c-b598-18f5d6f31ff7&gdpr=&gdpr_consent=&us_privacy=
86 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=98018288-e3c9-4b5c-b598-18f5d6f31ff7&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx
vary
Origin
x-frame-options
DENY
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-length
86
expires
0

Redirect headers

location
https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=98018288-e3c9-4b5c-b598-18f5d6f31ff7&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
async_usersync
ib.adnxs.com/ Frame E366 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
6db0dfa7-2de1-48ee-80ff-31bb768f9030
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame B945 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
vevent
fra1-ib.adnxs.com/ Frame 73DA 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCKxOyf8auWgzAYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeKSIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFqSC10V1FqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeE9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYYU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YQExnR0NnLi6aApkBIS1oYmoyPo0CEEo3TmZ5AbgEQXgRQixDRUE2Q1VaU1FURTYlkUBFQ0lNRWxJTXhaTlp5ZnVQMR1hAEYdeQhHRzQ1ZQAyHRgASB0wDEhnQWlFoQEB8NdEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjY2MTjaBAIIAeAEAfAEm9K2uQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBavvSfoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBv8L2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHpIgG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=451b0a67521beb866b4dd22de22d467732e97ae7&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&sw=1600&sh=1200&pw=1600&ph=250&ww=1600&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
fbf7a158-1b46-400b-9d71-17c2b59d86e4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 894E 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
c37d5bda-969b-4ca4-8d6c-64e2fef2eddf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 981A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
0534a907-1a3a-4cf0-a5c8-e74ae22f5f41
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame EF10 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:22 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9AAD 		334 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439850&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a73e12b6-7c27-4f8b-ad66-44e71553b0fa&l_pb_bid_id=2fc1c223a648f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.01117331600644067
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
921302b2d7cbcbdf5a2ff399d4eb2df85904ba666e5fc40fb67f6d2b75f033c4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 9AAD 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 9AAD 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=23124324073&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 9AAD 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
975ebf01e544b64a40272e9cadf6d43e9ce2e8e2bd2ed0b756d0958be454aa92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
038cc30b-aea3-48fa-a204-37b4cf9ffed4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 9AAD 		36 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229b2d6f00ac2032%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439850%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439850%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210bde7d05c9bb57%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22a73e12b6-7c27-4f8b-ad66-44e71553b0fa%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22f8950bc9-9775-42e7-a327-f8475bb8b4fd%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba2ae67c47f32a5d153842515a0bf73e8162143975e7c4dc09c3781576ee722

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5t%2B%2FxVSbovYq0CjDHgq%2F3To4rSewOTvO1XKxH%2BBHI4Z9HTArfZM0R5jCVk2n0HFkKeKFYP6qQtGasTpCX5NBlyApW7Gqm0mBOCvUPZQfh9D8ssiwIQ0MpstbVin1s03xm%2BvV7%2FJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887933f4b696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 9AAD 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9AAD 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 9AAD 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
impl_v92.js
www.googletagservices.com/dcm/ Frame 3CF9 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 230D 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221a3a86d2121a7e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439837%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439837%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222dcf41bc6d1b33%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%228b21f893-631d-4a1f-97f4-d868e437ec13%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2205da0ef6-7af1-4b56-8c6e-354391e0fdf0%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b037a223cf10524ba579496a2d7665d2734652b36e5d5db0fe48130b327b86

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBo%2FTMFk8go%2F6aPAQPgw7G5RHehBLnxbUTfHuBG%2FRlp%2BVD2nKHF0CTu79Z3mllIC8MF8qnkrcmKAlBNUzueMdv7JwottlyZXREjsJcpKTPGEE0Ir6ytZRavbcuhbAWVFJq4UmwJB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887934f65696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 230D 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 230D 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=79258899712&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 230D 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439837&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8b21f893-631d-4a1f-97f4-d868e437ec13&l_pb_bid_id=8d5be27fb5f1df&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9508885159932661
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2bd7dcf300b51599032cfbf8dc8c89c41d0fa0e7119c48af6b57a42c24c1bed6

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 230D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 230D 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a945dfd8a51c13673a7f62fe92a9bb43daa7fbca2ec02088ac8803749844f60d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
4450a2cf-fa87-4c6d-941e-1241df35067f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 230D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 230D 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
000002447532.gif
imagesrv.adition.com/banners/273/files/00/25/58/ac/ Frame 67CC 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/273/files/00/25/58/ac/000002447532.gif
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3692289&wpt=H&ac=-1&bid=16707077&userid=7124704239831220522&clickurl=https://fra1-ib.adnxs.com/click?DJOpglFJfT9-VZF-uR52PwAAAIAUruc_flWRfrkedj8Mk6mCUUl9PylL6_YYHHgnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAYQwAAAIAAAAbqS0XnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAoiEAmAAAAAA./bcr=AAAAAAAA8D8=/cnd=%21-Rae2QjX9uMZEJvStrkBGJ7NfyAAKAAxAAAAAAAACEA6CUZSQTE6NjU0NUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbieP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MzE2OSNGUkExOjY1NDU=/bn=99145/clickenc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
e3d228f21c1416847a787052cadbac5df6182bb7b5fb185d4edbf9dc225e5ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:22 GMT
last-modified
Tue, 04 Oct 2022 07:30:36 GMT
accept-ranges
bytes
etag
"2700043250"
content-length
2096780
content-type
image/gif
pbjs
htlb.casalemedia.com/openrtb/ Frame E491 		36 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213882c87404859%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439865%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439865%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22206914eb65f854%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22e10f4da6-2d58-4a19-af3b-3d62c560f0ce%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%222a8a9730-e6ee-4fcf-b83a-eaa2ee1be35a%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8361594d6f6bb464fc21d501d08597972d8eade458760f26fba35bb8fc5dc71b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLJBzecoEHMrPVJ%2Fpv%2F2BtzKFTsaxjLtw%2FUs1gY1LCBbZPnu8NTvVjd1pisl9j0gcg9ZFRMfFbyip6U8wM3nYoP6lJZQlp3qCZmfnolT9M0sW9%2FGfgXNNY4kEh9uar4cakxWAmA4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887936fad696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E491 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439865&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e10f4da6-2d58-4a19-af3b-3d62c560f0ce&l_pb_bid_id=471ba046bb454&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.36589086823247174
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7b5147a6baf6387b21a2ec581dea729b63e3c372d501f2b0a65b3ad4e80a277a

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E491 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b9efe26d2090c88b6742a266cee357a893281150462886afcc6f7386e2296566
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
f69acabb-5353-4d5a-9c9e-152dfba30f39
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E491 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame E491 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=28845981038&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame E491 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame E491 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame E491 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame A40E 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A40E 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame A40E 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A40E 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439858&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e9539e70-24d3-4def-b323-88ee3d27ace2&l_pb_bid_id=8a5e265816da2c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09538842856525909
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
46fd407ad3655e5610918eb048cf024f0ed714ed8b2495d5542b54065b728bf6

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame A40E 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=2925958838&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame A40E 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame A40E 		37 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213ae6b6b41fa8ac%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439858%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439858%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22141a5b5f6bf9e9b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22e9539e70-24d3-4def-b323-88ee3d27ace2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2270cc1d3e-5928-4d25-ad00-f4c02de125e3%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b98af2b0d2b574e0e90569050f0d581cdc72013ebe2140c95b1c3cd53db1c1

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smbkEmKglHZ7Jkgis7bxMEDSRJlg%2BlW4xjzugZoPIFEixe4T14xDaNRkmnVpbfR14bfkhRFdpMpiAf4b7tjdKo8F4KyV98CGDZoHmcrVQza3sLdcH9aqyAf13ptlnY01fsjYYU8d"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887938fe5696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame A40E 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5a307db525b6840246dd5ffbdd03b949c7287686fa5e693f68ffa15eb0791e9b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
243fe641-38d0-4d62-a28d-be19adb2e476
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame EA12 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame EA12 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame EA12 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225c732fccd5cb07%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439894%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439894%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2266f36c5079c2c5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%220c88469d-194f-43fe-8ba8-0a33dcd9c775%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%221268df52-b8b2-4e51-8723-b7c57d5cc4e0%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5d08e7aad88badfb0de061dd9e5e144c92e0a417e2b5f482f84b6d6a70de39

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r83zHy4aqRhl0Wn4UUaruKOnLEEXOrQB5tbI8hchO7TO6sAllR3fKINKK2xaImdw%2BIDgYU6tUeCYZTVIKEeZj2H8ec8C%2B2P1aQLfNe2Et%2FXosvq6W%2Br0gr%2F%2BFE0VGnWFyJCvwwt5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88793b84a696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame EA12 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8b2d9e1d29d275c11d6322d1d707262c41944b92b82029a76269cc7236191b72
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
dce63ea0-98a4-4389-af8a-58b64941599f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EA12 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439894&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0c88469d-194f-43fe-8ba8-0a33dcd9c775&l_pb_bid_id=10c09766c0a650c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17611487786692392
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d049608e01345adb42306f5ab76959a76f6b2a3280808c54ed3d8ab97c4cff11

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame EA12 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame EA12 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=5009309132&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame EA12 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 055A 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439900&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ff3dd048-08ad-44a2-8adf-6c9fdc8e5763&l_pb_bid_id=24a90c7aa9319d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5093915632079904
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1e0d521f2db6c22bae7a135e827a0a492311a80461c8525b40f07e7c46ac52ba

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 055A 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 055A 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 055A 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 055A 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a506d8ecc5d74247f1e4c0696b721fa69de266d37063cf187aedccc0cc8b936f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
dc79b560-4ddb-4f35-8f15-5659fc356a6c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 055A 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 055A 		37 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22133a15bc62fcd0f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439900%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439900%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214ed7358239237d%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22ff3dd048-08ad-44a2-8adf-6c9fdc8e5763%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%224861c561-1ba5-4550-95e4-dff20799e56a%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f43d2a30107aeea1ac3a2ee7974f2d270581a7757e504e6c41db344366f734a

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Spb5yyLhxVZwPpOQoAJhdimmB9zBlznJuSjOMT%2BB%2BNLR5f2lU%2F1L5%2F%2BRtV5emIamH9xhA9qDiq%2BwYqm4AFzTrVYNKStAa2bYDxwCQY2Sng%2BsFD5dvMuvMAmbFunnJEVE5GUKemEZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88793c86c696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ Frame 055A 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22051886099&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame CFEF 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame CFEF 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
60c52dc22e157850e8dd14f90d2bf881900c0a8ba48891c8c45c7151e43ccfd3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
517f671a-c3ad-4dbf-bffb-454dec6f3a45
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame CFEF 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=60819607761&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame CFEF 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame CFEF 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame CFEF 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22119eef6e2e668ce%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439884%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439884%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212f4f861c4e1b41%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2217191c97-4bea-4a3c-a301-99960d2a0e0f%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22777f7336-c965-448e-9310-3a0dd2943222%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b633c3d6a4dd22600967290368c9cf3695fd18862aa33eb19f33b0acefc0b5f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ9qjmSaNLi45So3lVZ9j6kHAtOesQHNcRun%2BSTPM9CyK%2BoilcCVs%2BDjevCuHKQAoUlcW3qdIPh1Un%2BVK1DBDW9gYApz3oMXYdbJE0NZQ3TNl98uXZib4PzwIBR%2BTLYLZAnynfZF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88793d876696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame CFEF 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CFEF 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439884&tk_flint=pbjs_lite_v7.19.0&x_source.tid=17191c97-4bea-4a3c-a301-99960d2a0e0f&l_pb_bid_id=168ea0a43bada15&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6243515660891279
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4eadf91bef9f43c6efa8bdbcff98024f8fa42f28f953bea2afae2794f89424e4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C47E 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame C47E 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C47E 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439911&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8f804bb2-5367-4f40-ac49-333fc7bede98&l_pb_bid_id=664ba490a6c879&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4144844819084721
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
53a65564d8d5fc0c283c34a7be250ca1666cb5a0ba55626517eb27c37fd3ba68

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame C47E 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=32748072859&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame C47E 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
59ee6df2f16951e2a5d80f4132ad98a9a6f572ffe9e24155aeff6010352cbf4e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
9cd46907-2e8b-4657-8aa9-6f9948a38953
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame C47E 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame C47E 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22133aceb2e9998f9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439911%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439911%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214a960a60f0ecc5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%228f804bb2-5367-4f40-ac49-333fc7bede98%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22bb048369-d2ec-4fd0-924f-4528b36404b4%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795c06f71ed104ec3910b4846c6b64dea372c21dd840cfe761c71e6228c134ed

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BMwSF5TQB7%2FIZjRtv%2Fzy3xatcJkdIl%2BQFaiB68gFew%2BFuJjFVv1kA0BWESJbkU8X7XpPq1R%2Fioo6qL7e9vjhd%2Bp8Dm%2F9pzY4HoWZVHmrsARiI3F34DSqL8dfoLJhzz2m8hL7H2A"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88793e89a696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ Frame C47E 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 3A43 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3A43 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439921&tk_flint=pbjs_lite_v7.19.0&x_source.tid=17e49f78-94e9-4938-a968-b35de653fe86&l_pb_bid_id=4531fb382a21cf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.045145106516922606
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e3528d161236d120e59d8bf71e5fec4da411343749a989556591778e6ff8388b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 3A43 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 3A43 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f393ad0abf118d62ee74a158a8f1228ac4ee3406bf167763d0ab4ddf915d4bd1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
da221eb3-7740-4420-8049-27ff9c10f0b9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 3A43 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=92658134753&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3A43 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 3A43 		37 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213c35a37bef3065%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439921%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439921%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221452dc9b2f57894%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2217e49f78-94e9-4938-a968-b35de653fe86%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22c3e92f59-c09c-48fd-8b77-58402715f67d%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d434a40ddc49b451bd3e9928040178092355ac94398c70c4cfca6cb689b1708

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K65U8uVM8FtAqXWIMwz3nXD3ersKzLnxxcTrfYbs4cSH8AA10RAUmdazJ%2BuZ%2FqwybJwkxHFH9PSTxm1eowNNeRf7IKILdrq93pZsyFr7l5TuAxvugtVGGWiIt0IBszyHZCAE7d74"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887942930696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 0176 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221e5c32f53dc483%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439928%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439928%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222fd5113fb09fe2%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2284c7d0cc-f22c-4c2d-bef2-1249f5f642a3%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2224f5e99d-0ddd-4ffe-9fdf-4985b9f71341%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5abcd65603493240fb3ab78d15980e9adfa4af0f493ba804aa3dc0de961e0b69

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcN47KqUHvR6qJVVdilfF8l3c7txttpxKqL0zm6wZ1fLbVpwRLzbjp8awA7e8WXB%2BoDmQS3vFKS6ebUABaOkPf%2Fk6nzFySshIVnSUW%2BcJtd%2BuvWWzsXRlq%2FIKaEji1IPFSYWMVak"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887942939696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 0176 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9c38f02c628f7dae33ce15e87873e75daac875b8b80837b8dbc8a7d18805f4b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
f40b81b5-47b3-4502-81a2-0933fd782e94
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0176 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 0176 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93401607134&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 0176 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0176 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439928&tk_flint=pbjs_lite_v7.19.0&x_source.tid=84c7d0cc-f22c-4c2d-bef2-1249f5f642a3&l_pb_bid_id=12069705ada2ed7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11814854617283377
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8db18bb74d20b5093bd11cb42d1a527d3bc50aa4baa370e5281230d3d5994ab0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 0176 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame D2E8 		95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
rum
dsum-sec.casalemedia.com/ Frame D2E8
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ad.turn.com/r/cs?pid=21&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3396307127223499462
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3396307127223499462
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3396307127223499462
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame D2E8 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156383
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
translator
hbopenbid.pubmatic.com/ Frame 7A82 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 7A82 		36 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223d9669e11233b3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439935%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439935%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224aaf58fd59aac9%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223faea6ec-570d-41ea-a248-f379335801e4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2244898606-6c8a-4a78-ac1f-94a8e063494c%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbbcccf5eeb1877739349f95cbf3479c958f5196fe1dcca756a0eb81c5d9e311

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrLJuT9l8vObib7jWuP9OfDaZunvuhM8tTYEMRqpPexS8DYyHrnoNiXF5L0EnsrjJwVKSTNdygHOpYYRGLPA3url7IxpdgWN3koYb15qpqtvyR3QqTiVHyudsDX5dnnJLkVbKdFE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88794598e696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7A82 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7A82 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439935&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3faea6ec-570d-41ea-a248-f379335801e4&l_pb_bid_id=8de2c6deaf87a2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.67897581595238
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b403d3219253aa35189b5981680acf84f4e294bff20b70e9d2bcfbaf8bd30359

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 7A82 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=15560131096&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 7A82 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6022508496bc68236059cdaab06e3799249f163acc39cb76a96c1c2494a85e8c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
45c5f32d-6c53-49ad-92f5-0a31445c432e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 7A82 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
async_usersync
ib.adnxs.com/ Frame C20A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
e8358e84-ae37-47f6-a73c-17b29882afd1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 75DB 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
ad86c710-1370-4298-b8c2-5bf66bf0a3ac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A59C 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439949&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b8f369f6-e8a0-4055-8d7e-2c3937677ba3&l_pb_bid_id=24d7999bb6fdf5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19645195744070776
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5e2adcd1250f8ab3a4cdd2d2b86e0cefbfd7871fe25227dd7b6577c44adc37c3

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A59C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame A59C 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=69415885281&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame A59C 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame A59C 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame A59C 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f4fed9a41867a59109581da07ec1e0af04f8d9469a21da66a6907a1b56a7f1c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
e23dcbf8-d1ac-4b7a-a7fc-f9427c8fac00
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame A59C 		37 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221346020f3230973%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439949%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439949%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214027034e4b6078%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22b8f369f6-e8a0-4055-8d7e-2c3937677ba3%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%228a7b9c2c-f7b9-4e3d-ba87-e9ac13dee406%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a2f0adba69cbf1857f8726d7d6b0c97fcd26e56ed50eb94aba8c176a2bcc85

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5%2BqTSAKcci4z86ykQNFubCZlxWB3XKDCfqqnzrRmx7hmhEj9ZyGzaA3ZECzKuSduoKsQeCjnMrNp54h63FYN2JY921FWeF7M3UT8%2BbBV5z%2BYeDgMZL0hfk%2BNcGeiFmR6dyS2XG9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8879479bf696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ Frame A690 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame A690 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e1bba4d800545cbd99d413c57bb28e6155fb8462c55391a4c40564a4e00c8ac3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
dda1d46c-005d-4b32-a3ac-3ad1285405c4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A690 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame A690 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=13611278499&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame A690 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A690 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439968&tk_flint=pbjs_lite_v7.19.0&x_source.tid=43d70a69-406d-4d8f-bbc5-56fff240a32f&l_pb_bid_id=127376f33abad3f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7824508587352144
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4ad37e5c6c93baf2c2da2af8953b6c14c934985d0348be97f6849a2c78eb3ac3

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame A690 		37 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22138c3c5d5fbf0ca%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439968%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439968%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221462e98d3b46b9b%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2243d70a69-406d-4d8f-bbc5-56fff240a32f%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22ba40af3b-f94e-418a-871f-de992082e36b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcca2c909fac41c8d7ee57ddc66ce0711f1ec1e1688445dcc08df86bc28a5c7c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yx4BDfqvt%2BJOjIJUWA3XBLNUix7sBYeC38ct4LF8ZgaIRuCM3Ft9pjXwdNUXh63PQIfarhLIAsYIkGEUjoZnntDilR8%2BoDZP14fnDMfx2Lh5WcJaD7D2l2BSfatAD7z9okRXJ3BY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8879489dc696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame 0E9D 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Domaxbbue%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=104085.63713330677
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876442.dop004.fr8.t,1671876442.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=463
Accept-Ranges
bytes
pbjs
htlb.casalemedia.com/openrtb/ Frame 018F 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2214010442e34079%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876439942%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876439942%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222e29f1e68fd397%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22d9fda5dc-55f1-4ef1-9403-dc4f2210a535%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22fa6a1e15-8dd1-455f-af7f-7fd22a337f84%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f095e815025c4c078a942e3314e6118425f8641b9e37330c24fb06544e74e801

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbJ6972gxpxOuqX4qKwpzANISD5Gjo33LBEr8CtdBVa8D0E%2BxSoJ33oChZ4mpdYP%2BPnW7op78RbrtWnF7kd0adbU%2FdIIMyzQ9F%2B6iWT5BkcFqSf7iA%2FRUYeFFfp4K4ihgTLRsFi4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e8879489de696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 018F 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f0e663610d94b6f5ab02126a1d22bf6e987463c722dc0c92ca67bdfd85095b66
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
d0f51520-9bac-4bda-ad54-9e31807da5b6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 018F 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=45826803270&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 018F 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 018F 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 018F 		334 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876439942&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d9fda5dc-55f1-4ef1-9403-dc4f2210a535&l_pb_bid_id=126ca9ca90ae761&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6741060957487344
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ba7c20e0ec0b29b295f61779344c3913d3a6a817826bdcfc4dd2b168d8bc8848

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
334
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 018F 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
async_usersync
ib.adnxs.com/ Frame CF04 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
a2896844-49ec-48cc-83be-c06e8087a128
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame F2A8 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Drnekscbjcg%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=248886.98557302312
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876442.dop133.fr8.t,1671876442.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=463
Accept-Ranges
bytes
async_usersync
ib.adnxs.com/ Frame AFC9 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
a26b0be0-6408-4c21-9af7-edde36644409
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame DC10 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhDG_ozcv7WAugcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeLrZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRWC1ETGdqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM051QURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUUxaZ0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIV9oWUEydzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAa0NJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo1Nzc22gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB7rZBdIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=e24a9954e4c56ab92b6ebd44df05d723a1c23889&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&sw=1600&sh=1200&pw=1600&ph=250&ww=1600&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
0050a604-ee4c-4914-953d-372905b41367
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
j-6162252-3290827.js
cdn.flashtalking.com/xre/616/6162252/3290827/js/ Frame 434A 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/171383;6162252;201;js;GroupMCompetenceCenter;DEToyotaAlwaysOnRangeAlwaysOnConvertDisplayLightReactionProspectingSuperBanner0122/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=13571920_CorollaHB_PR_AutoOpt&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dppqndwhs%26e%3D1544311770728&ft_keyword=13571920_CorollaHB_PR_AutoOpt&gdpr=0&gdpr_consent=&cachebuster=534526.3713044231
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
x-amz-request-id
PJAVETC4NVK97FHA
Connection
Keep-Alive
Content-Length
21350
x-amz-id-2
psmqyX+k+KpdL8Ivu3Gbnzjd9jQS+vpAOteoB25ioBEHLK57vXIZXBBA5tFJwvXefhQ/AFDkr/I=
Last-Modified
Fri, 26 Aug 2022 10:15:40 GMT
ETag
"1661508940"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876442.dop144.fr8.t,1671876442.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=463
Accept-Ranges
bytes
publishertag.prebid.js
static.criteo.net/js/ld/ Frame BAC3 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:22 GMT
vevent
fra1-ib.adnxs.com/ Frame B800 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhC82O_R09C2lC0Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMOIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFrbjhGV3dqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZek1PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYbU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBITlCWkIyQTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo2NjMw2gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8OIBtIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=0840faf76275c071da715622602648d07ad55da4&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&sw=1600&sh=1200&pw=1600&ph=250&ww=1600&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
4833969b-ec55-4d07-a95a-76a7576d0f0c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame 0694 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame E19E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88795b9b02bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8A0D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270968
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876442.390458,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 2F8B 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C756 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0ABF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275555
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876442.390770,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 854B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88795b9b32bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7C8C 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 028A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4655 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3FBC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 0EE4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88795b9b52bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A736 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271648
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876442.408956,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame D47E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88795b9b62bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9D9F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272298
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876442.410646,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B7D9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C33A 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
setuid
prebid.bidstreamserver.com/ Frame 2249
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=dbcfc33f-ff91-424a-934b-38ba7bb6e679&gdpr=&gdpr_consent=&us_privacy=
86 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=dbcfc33f-ff91-424a-934b-38ba7bb6e679&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:23 GMT
server
nginx
vary
Origin
x-frame-options
DENY
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-length
86
expires
0

Redirect headers

location
https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=dbcfc33f-ff91-424a-934b-38ba7bb6e679&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
async_usersync
ib.adnxs.com/ Frame E943 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
c519351e-8a28-45ad-9c5b-c144cd00a86c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ifr.php
delivery.advanseads.com/1.0/ Frame 5B21 		55 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Requested by
Host: cdn.advanseads.com
URL: https://cdn.advanseads.com/content_server/1.0/adv_jstag_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.100.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-100-168.compute-1.amazonaws.com
Software
/
Resource Hash
95a3085dd3d3a06b6e5cd7363c44fe17c2f698c53aeee5f44891329d91bd5ecf

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
prebid
ib.adnxs.com/ut/v3/ Frame DA0F 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
49f060c2cf08694c7216cbb2371498dc264a9c3da7ebbd8e29461ac7e7b97d48
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
f0e67dfe-72f2-4057-ae4c-f453136e91fa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame DA0F 		36 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223fe4421408e933%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440205%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440205%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241323a18e94397%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22b4548bee-30fc-4809-91d5-39455fce233a%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%225731b5b7-c81f-4c30-baee-9239709b9bb8%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc349392e5d4cea9d296f1bb100c3f3b82a2bdb3a22cec6d5cfc0569d0a79275

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FK4aNjTiZzvOsCJkY%2BUCvpRBtAM6aUjktDfMAZQtMsVKpydoXVpBQ0qZ8tkQ1nqQoy%2BGZkCTlWxmJ%2BDb3h%2FXPrv5cvRGekS4qMhHaVd6cCXIj4D%2BTkpx9g3S5CQgDWEZLjAQq1nr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887953afb696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DA0F 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440205&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b4548bee-30fc-4809-91d5-39455fce233a&l_pb_bid_id=6ae33bd852fc6c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.45404940695474716
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f1524829dc01b3eaeb0faba5e6511c6ce9168d9f1c4668e178b0deac883db740

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame DA0F 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame DA0F 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=40417507446&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame DA0F 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame DA0F 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4CB6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 94FC 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88795b9b72bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E364 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272300
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876442.452263,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame A436 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 8F0C 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8F0C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 8F0C 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bfacf385f86125785fed4aae078b4b073906ebe479f3b42a0d1f16516f9389ec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
45037338-96cf-42f6-89ce-26f62ac49e77
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 8F0C 		36 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2272952a9d1b4522%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440194%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440194%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228ff3b5a596d1c9%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22c2181ca3-e97a-4f91-b9c0-5190110a83d4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%221d556cb2-8870-49c6-809e-f7ad465b877c%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322978f4918db2d82e11e44f89dd4bc738668cbdda2e26a2edc2140ea7873c4d

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAp%2BfICj47Pr0UUWqJDjzTbsV8gL8wahG6wnDnSHTamCE2r4itnVJ8%2FTQEZAcwXTMQnFLIhBFnK%2BANxa1INUPSkVBB%2BYzHTex072wOnGeK93ecV7NoLhH%2FnwuQVyi7Xilaz4B1rn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887957b52696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8F0C 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440194&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c2181ca3-e97a-4f91-b9c0-5190110a83d4&l_pb_bid_id=10fb7b59c700777&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33993631030734917
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b81f9bbdff590ab21ba555736a9735c924d3be5d2204248ce94481ef5f330e2

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 8F0C 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 8F0C 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=18148813017&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 9A73 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f5d7102905ad096629451745d43050a6aab114a80ea27a9b458500b09cd006a5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d983aa06-2f50-45e5-bf02-86902979d1b3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 9A73 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9A73 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 9A73 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2273dd7617cd9709%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440214%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440214%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228e18cdb06b0496%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22d4a44559-6437-4309-aecd-de506357b3d1%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22a3df36ae-7b43-4d02-be6a-1304e7e8b621%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc2aef5a235f1d8c3485cdcaf542e6d743b273d1017651e0a4aa5b8c7d368de

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMyVT3GQPwRIqethgyztKYF3EzFNOUSz%2BDgiWN1pnzvkeEqN1FVJEg3sOn9gzyVB%2B1smJC1WA6bv%2FcYXhdlXjjZFL13rkJGrh1ZQd68Caa9x3I5s37DJLxQv6y2Jll36w%2BliiLQf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88795bbce696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame 9A73 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=21787377200&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 9A73 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9A73 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440214&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d4a44559-6437-4309-aecd-de506357b3d1&l_pb_bid_id=14acec9de87155a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4207302260305905
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ae03cc8289bf29052443a7a5ca94f18937ca268eb2c4d2c88190de50d20866f5

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 6F27 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 6F27 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
db814861d49be04b20787ea6ccaf1f0cabafcf2b6242e7cbb7ac9bcb92e81b01
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
283a7944-d288-4642-a395-38c8cad9e414
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6F27 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440222&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7fce3afd-a101-4f46-b186-39c9865d7d0f&l_pb_bid_id=6c5560e3d1a5fe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9345116779853258
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6a4c4b1a8f4514c75ab4777f187d1a4a1d686ffd4e82d9742e64a0151b0df746

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 6F27 		36 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22761009a2fb84bf%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440222%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440222%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228225cd70c14225%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%227fce3afd-a101-4f46-b186-39c9865d7d0f%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%227f04e1fb-3f48-4ae7-81c0-b035e985d2c9%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f75299b386c373f0a26b37138779fda88de69fb1b01d5aac240838901a2d725

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMktrIwWBJh2MoflOUQX9xnyQIUQHwMlloyqxzIqz2JiOPzCkofvFw0aV9%2BECfCERJs6X6htskVIug%2FiTK8Lvo%2BFcq2T4a8rIivYg4bJ0ExB3XhinEiQdmTQgrZPe9Oy17kY5APS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88795bbd2696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 6F27 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 6F27 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=42515077217&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6F27 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 859C 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=51533559630&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 859C 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440231&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e574a0e1-8933-41e2-a931-5f8067675933&l_pb_bid_id=40a736eb7d7d65&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2309591430165765
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c223c19c854dc59fe511ac1cb396385d8b467b7ac361eb7e5429be7a5486db7

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 859C 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:21 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 859C 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 859C 		36 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229d25ad253a8ae4%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440231%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440231%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210bc07939a03111%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22e574a0e1-8933-41e2-a931-5f8067675933%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%229a95abd5-e16b-4449-8db3-66e398ff50e4%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9512b4e3770bad082033ce17ef91edb5e4d9060f19c9a3ba0bccd6fbf20ad7cb

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcfX20uNJplVFz88czOEjLO%2FGZ2hdcH1UKS3USkLl2qQjx3JCIfdUnYh8PWAlz0Dgqx1VUh4icLREvv01NQD%2FG3u14BzLy9vwsKf7sY%2FK76wwFZyrmM8EimOormYa8IgRSUq6Wy0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88795bbd6696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 859C 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8479006cd8ee0f3d9f3db91f8b57ac53772dc44b1a46c9fc4130555c9ad62d96
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
4345a4f9-5f58-4803-a8a4-bc4a2117b198
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 859C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 1CA3 		35 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221bc4a094f1a29%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440240%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440240%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225a054ac0a928a%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22b32d04c6-8ce9-4f17-ae68-f2fc20148fda%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22b8df7f88-f1a0-4196-98c2-916a61a7eba6%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f02aebe2e48c84eb9cf3154a4d143685fc87cb37e52be1ebeeadb9b4783354b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClgrxRDAxt2%2B65pvwWPL1wJBOOBwUSDT9spmTSVYk1iwjh585%2FeE09OudLSDQAfEQgkBLG5NC%2BYJ91snp4WW4BqUeK%2Bk9FcGP2ljZPjZCmhRqn6C5UEPRti2JrKYKBCeV2m3KnhR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88795bbe1696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 1CA3 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
77f513ff8101df63c928451ea356e5378d5b7707fe5d5cf724db89cbda7b0766
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2c6fc1ed-7dec-4d1b-80ce-ec8a327ed845
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 1CA3 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=31751375208&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 1CA3 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 1CA3 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1CA3 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1CA3 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440240&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b32d04c6-8ce9-4f17-ae68-f2fc20148fda&l_pb_bid_id=14d5f6587cb034e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06607491724713421
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d711f0b89decdbc7e514dfe8641bb296c303ae59bc68cbdfb16a25d9fe0fe9bb

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame D2ED 		36 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221ac127e8e8a124%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440254%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440254%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226831b2e1d863f%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2242eb5ed8-1609-443d-b93c-090d4959f0f4%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22c6f4e49c-003c-4b7d-8bc3-f1c6e61a4691%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009539af19c1a1855cd06a8aebe2833d60bf3dd224ac6c03e555775d81f65751

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AruDAifcyXXqvmy55lEKTCm67glF5GOPu30kVfTLUJGJpltiOuVn7t%2FgIXhAnlfSXid%2Bu9hXqYtF0t4cWaw2OK6O9%2B4WFZ7CIktTfCRYuWiy8ThQa5TbJ0GC34yAsMovastVHgK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88795ec3c696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame D2ED 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3ea16e896e5d24216c250921e9bceec95a207fe792de1ed160457407be7fa0e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
87452863-2eb9-4a91-a1d1-b55184f25b79
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D2ED 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440254&tk_flint=pbjs_lite_v7.19.0&x_source.tid=42eb5ed8-1609-443d-b93c-090d4959f0f4&l_pb_bid_id=69e958c9d13077&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6938967068714599
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
02fc5c784808657ad32bb088b3cb3d44b7e713a563af144ef10819fb5e3678c1

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame D2ED 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame D2ED 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=90846162203&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D2ED 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame D2ED 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vevent
fra1-ib.adnxs.com/ Frame 6F84 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKIFfBMiAoAAAMA1gAFAQjWnpudBhDU-5fFl8vevT4Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeL7ZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgLpDiFOMjVRbVFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM09lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVNxQktZSENQX19fX19fX19fX193RVFfX19fX19fX19fX19BUmpfX19fX18FIww4QklQBQkJARR3RW9DREQJDAUBCDhCTzIgAARGQQUXDQEIQVVqDQoBAQg4QlU2LAAAWQEWEQEEQVc2WAAAYTYsAAB3ESgBARhBWGdCZ0FIAQsNAQg4Qmk6EAAAazoQACBtQUh3MHBJQm86GAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAIDBBSDVob1VNMjoYAAA0OhAAADY6EAAAODoQABwtQUc1Qm9BQw3hBQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4VAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAQZUFEQU86FAAAZjo0AABmOiAACFlBRSXtDQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUYN-wUBCEFZZzYQAABaOiAAAFo6IACYYklFQ1FpLTZoRVFuOXlrRGJvRUdRanRDQkc0SG9YclViaWVQeGtBoaoFAVRDQy02aEhCQkxnZWhldFJ1SjRfeVFRBRsFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVc2bmV1RUFha0ZTRE3NJAgteEIdOwh3UVUFMgUBCE1rRgEIHG9BdHE2VF9SLigAADIVKMBEd1AtQUZ5d1h3QmF2MmpRbjRCY3lFa3dLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVM0QUFBaEFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFBUmZTMnc6bQcoSjdOZnlBQUtBQXgBZwEBLENFQTZDVVpTUVRFNsVxQFVDSU1FbElNeFpOWnlmdVAxPSwARj1pAEc9gQAyHRgASB0wDEhnQWnlgQEB8NdEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjU3NznaBAIIAeAEAfAEm9K2uQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBavvSfoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBv8L2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHvtkF0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=b0c88da3c29f5faeb5eab73393b8f1c3b9534a8e&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&sw=1600&sh=1200&pw=1600&ph=250&ww=1600&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
99df673b-afbe-4f4e-8bc2-6c9659685dc5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 2AEF 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 09:01:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:22 GMT
/
hal9000.redintelligence.net/scale/ Frame 2AEF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
cd460b71de1648c4484c5ff960c250054d3461199625f64028cc7bfa164292b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9286
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2AEF 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native4.png
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
5f3cbce052d7e8ffc150fcc0b00010b8a76bb94e12f67fc6ca3ff8cbd1c20a95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:23 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7129
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2AEF 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_627x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
6017578b1adcfb252bd08e1313afb51c05aa42da663ce2c50044177af1d91247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:23 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7384
Vary
Accept-Encoding
Content-Type
image/png
translator
hbopenbid.pubmatic.com/ Frame 46F5 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 46F5 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440270&tk_flint=pbjs_lite_v7.19.0&x_source.tid=80dc53fd-9d16-4cfd-9084-cd36c914bd7b&l_pb_bid_id=49d51ac88cbb4a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3838139493656829
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1c2b45cb721667cbb857c2af80509559d24fe69c3a3adc6977f4a14683eda1e9

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 46F5 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 46F5 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
348ebf939ac5d4c01a7a6fb2b4bc1ef8b98b8ffcec80ae8df35071f5aef737d5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
6e7811cd-f5cd-4ef5-a061-09f88f44edb4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 46F5 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=28723882656&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame 46F5 		37 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211276e961aa68b8%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440270%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440270%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22126448d1598cda5%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2280dc53fd-9d16-4cfd-9084-cd36c914bd7b%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22d5dbb667-355e-49e3-aa46-094f57532882%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0252a07c5baff1f8c729366d4b802b7cadf8bc3ed6685b86e56b9e851e8b6142

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwU%2FH%2BbxSbshiQ7jW5Ew7KqYE3pBbg0WKUNYR9QQhSTGk5SsuE%2FBYRoyJZK8wzeuFl1ZuBOsxXuHkbaB3EyOmLDZETbLBwVPiRcr%2BW2uhoxN%2FLArD5nFENlnDs1r8Br9EiJzqbRJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887964cf3696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ Frame 46F5 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame D911 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame D911 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25125616001&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame D911 		36 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225d0f86b96354ab%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440262%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440262%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226c4c1a2d61f3ee%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22de74d622-42c0-4f1b-abf2-8bce43cb6152%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%229fb5fe82-3f9d-427d-bff5-55f0d5a656c6%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34a34f808d987f8da99166a1abc4dc5393f62f69e81fa0237e3fe8023474ad7

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Yee0XdMorVRmbNFQTP4zefPfT%2BDEF%2BkZocqMrSQVKo1fhwxnf1tvlCAe5%2B6HX%2BPqF%2FpVqo9rt5QrtXqEZtkw%2BXqtnMdLT%2BBOihTEOktqs4pD%2BMqvJIyGP82qhyOMGiy%2FlGovlI2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887965d03696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame D911 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D911 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440262&tk_flint=pbjs_lite_v7.19.0&x_source.tid=de74d622-42c0-4f1b-abf2-8bce43cb6152&l_pb_bid_id=1041b0d745459b6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5402649944550746
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3ebdf128b722884584fc81d47f95702a68de5cc732c3d1261d130cd85aac7d5b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D911 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b4ad460966fd3f1d1f9cf6d9e2ffc52abdcf4b0a56f41fed185105dc28331e88
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
f50289a9-332b-45fc-baab-15b6f680c0c5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D911 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1715 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440278&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d4331ddb-4045-4164-b162-21cbab30f852&l_pb_bid_id=21dc0278baa39e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5550769647038469
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
410f8fecf5797e931f6de7bf4cba90c81a27dcd1deb6dc29ef6b5dfa16b15c42

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1715 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e2f1fddac35ded918e3749703678532e2e97d18ee7390420eb89d96f8ff7408f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
19c11c67-5d35-491b-bef7-1914e47e2545
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1715 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 1715 		36 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22742dfa16bd957f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440278%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440278%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22854cec75112e25%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22d4331ddb-4045-4164-b162-21cbab30f852%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%226b5b413b-7064-4afd-8323-6fd50a546863%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb7bd08fe7081bc6bfaef1b81b15d0a6aa645e1c2411be29e957e28c725ec30

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdzppAfK3FPjGxWALsZsrWiVxVmcMp5%2FIbKe%2B1vX%2BnQ0jBuxmOK7t5lCPl4plNtdVu57X8K%2BluenQik3elg3RUPJl8cByE9D0VcLbj13AuYirRxHqXE1VTZ4dE92hze9JFTUmpsx"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887967d2d696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 1715 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 1715 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 1715 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93252195905&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame A4F6 		36 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221b2d9a2f168d77%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440285%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440285%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220a20eb98711d1%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%226fd9d436-d495-4e80-8bf0-bab6b2bc479f%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22da499652-e0c5-4745-93e5-eaa6c33971b9%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb15a1f319ea98f09e081a5fd5816f1b91efc6392e39f40fb4bbcdb57c1dcf18

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnoOOX8KpilUVCmppnqCXNUgJ5m8BtknrwNuiMiqNagRgSKAAEf1leihjykNqO0jbm7Bgd4QSRCORnyxEFiyAZNqRkASuf7eLU%2FgHvy1RYZ1Uj72ohcoWQiw1QxhztDSgvL1rAlJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887968d50696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame A4F6 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame A4F6 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8fd80576121e312fbbe12a8acbe655f88b099f398731b90cff68323b52c9836e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
6fa80819-8638-43bc-a158-2734177526f4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame A4F6 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=87236473446&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame A4F6 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A4F6 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A4F6 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440285&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6fd9d436-d495-4e80-8bf0-bab6b2bc479f&l_pb_bid_id=145f202ebc6afa4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4704606495856667
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
70ce6bbe885f3d1fcfb793e1179d6fe768114f53d8ef43187e9b4e39775cb9a1

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C67E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame DE4F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272301
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876443.663091,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 451C 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4FB6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88796ab6e2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6057 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A1DE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88796bb822bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame ED16 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271650
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876443.673750,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame EF02 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD02 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5703 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3F22 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270971
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876443.680565,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 35CF 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88796cb9b2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A0B6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275558
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876443.683561,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame BD40 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 08FA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88796cbae2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D874 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2619 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e88796ebeb2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DC97 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ECDF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BC3F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272303
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876443.707608,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DEBD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A3F6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271651
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876443.734199,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame EA32 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame BBDE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887971c652bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 44BB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275560
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876443.738932,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame B52E 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6C99 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887971c662bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B625 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 20C4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157698
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1309 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BD49 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53030
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:22 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270973
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876443.740131,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 7548 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887971c672bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 14:07:22 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
main.19.8.377.js
static.adsafeprotected.com/ Frame 90BF 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?737021620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
1bc8eAN94QDa3x0mArgXFr_4vVgs7_sdrrugC_vOpQx8YCyz6Ga2ww==
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 3BF9 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 04:47:48 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19179
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
d8GUWnbcRm9tRyExbgQOdC0pfpbWTlvODSMPChORS_MuUCRaZdNE0Q==
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame B35F 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 04:47:48 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19179
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
E9orcv0z3V-zkRQ-gikSXeQHdxvgc76KC7-LML3GEWXtUE37_Y_w7Q==
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame D10D 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 04:47:48 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19179
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
_jOAnace4l3tus5X3EEU21Ei0RIYOVx_kfTx7C-DSvRsHrJSvz8Y1A==
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 20C0 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 04:47:48 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19179
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
JIkpjs-WyAI_PWlD_tCOaSkUgraJ9JRBtw-C5ovrnJCMCsEcsd8AmA==
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 1589 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-45.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 04:47:48 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
19179
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
cwcqxP3P-csuP-vwZhB-6HhEPRJvWsBaEAr8gasSGNIKJwdtsHzDbQ==
pbjs
htlb.casalemedia.com/openrtb/ Frame 514D 		36 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212ceecea7b62ab%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440298%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440298%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22292996d839af5d%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2285dc0c3d-6da0-4266-8a0d-d5e09b57c41e%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%226eed5116-5df2-4a2d-8f1c-3f9a5ab47034%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f398e172a9b98aa3e73d972d990f5ae3d819d048be8d9e8636b12108c45535ea

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEwXHf1wE%2Bmx5l8siPvj3OXgT3d4C6taMzGv7eTQjcva3tPPC29DwxV49rZgODcQN6tMcMbTY%2BNyyGP6lPuPHnTGp2kOIyq8h2fgGwhuA1tycvZGG%2BCQ%2BCFo2XRBxlcPzGpIiYWV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887977ef5696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame 514D 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 514D 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440298&tk_flint=pbjs_lite_v7.19.0&x_source.tid=85dc0c3d-6da0-4266-8a0d-d5e09b57c41e&l_pb_bid_id=6cd765e1eb8318&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2975151834058003
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8755825c0d4c00d3b86d9643d01f62dcebe9e8ec255eeb7fb442ee6c4d235d07

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 514D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 514D 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=51190632181&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 514D 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
addfb8c4331eb753e56a9b2834ec2e75d2ad7fd5effa91ba7e9e2a61e0bd6dd0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
ed62b79e-72f9-40db-adfc-eac3da2e5e66
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 514D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EDBF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
289729
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9FBD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
416f97b7082377fe76fb76733fe208442c7111aadf7de3a9c9564ead3ace77fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o-B9wMFXDaqndFtqJs28vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-o-B9wMFXDaqndFtqJs28vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 10:07:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
translator
hbopenbid.pubmatic.com/ Frame A6B6 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame A6B6 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame A6B6 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7ccaa539d0c6ed26a790cb9e25607b54cbab01def7793828beb2363ee398e67f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:22 GMT
AN-X-Request-Uuid
99184261-20f1-416c-a7a9-cffdd9eb699e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A6B6 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440310&tk_flint=pbjs_lite_v7.19.0&x_source.tid=99f7782a-130f-4fc3-b5a3-bb198e0110a6&l_pb_bid_id=8e08573a7f457e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4111165109720163
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b603173268f4ece04439dcea5303d7fdc439fd09d49b8ad9cfae9651459a32f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame A6B6 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=434142194&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ Frame A6B6 		37 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211aaa2538a12b2c%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440310%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440310%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22129b8b691482a29%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2299f7782a-130f-4fc3-b5a3-bb198e0110a6%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%221a66aabc-5800-4f9e-b156-8caaa43be853%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c60e1bd5debc809a07042775743e11b98104a5561412e8eafb65f592fa9542

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioMfF7X3luyuczKKuESOrsb2UW0dg7eCzILp25LKhGaWakRXw6MNO3ZHUpakmkR4g5vGFP8E9Aw2XZ3b8F9r7GKqwdSJoI5kCEtmP9wTwNxsccMRh7dNu5FUZSBbkwOSNC0RNMqN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e887979f3b696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A6B6 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 964E 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=50655082341&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 10:07:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 964E 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 964E 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 964E 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sat, 24 Dec 2022 10:07:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 964E 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=844299&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2293c9570452fb65%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fforward.com%2F%22%2C%22domain%22%3A%22forward.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22forward.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1671876440320%22%2C%22adunitcode%22%3A%22adpn-adtag-1671876440320%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210a77c8c29c8181%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22844299%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2231ccbc0e-2268-4307-bcb8-5484d5778a12%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22fa626684-d62a-4e63-80a3-0630b582b75e%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%220764e1b55cf9992e246a%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0995b7f22e512780bde59e5555a21f8020e789f54ac86465732f3786653d0f0c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idWL8i%2B5Yiovh5TbssC6LbW7izp%2FmGjZUBMg0uqRaQIkCd9ZXXwiUzM%2FzOrKADHiyd3Dz8xyCQffR52qX2TVKdwFspO%2FIQvKCCiNjxEGyRgsUSf0y96bUObR%2FYJM6ervpVlp7PbG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e88797af48696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 964E 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
22a6b68a39a0c439a10ae495f7459b68c98645367a7a05b462bd0de3e493c8e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
be36f1b1-8fe5-4cd3-b66a-335ecc1ec9de
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 964E 		333 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,0764e1b55cf9992e246a,1,,,&rf=forward.com&tg_i.page=https%3A%2F%2Fforward.com%2F&tg_i.domain=forward.com&tg_i.pbadslot=adpn-adtag-1671876440320&tk_flint=pbjs_lite_v7.19.0&x_source.tid=31ccbc0e-2268-4307-bcb8-5484d5778a12&l_pb_bid_id=146a120c74177cb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.34006497109901357
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
23351fe94e228b490f974c8b58235c49626ff9d5a9b7c24d1692dcade5bf86f2

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LAUsJnxiSE9ROSt5SHNLdVBUSmFwdHptTUhDZStqYkpZTklBQVhnaENuZmNXbkR0eGp5QVF0OHp0c3M5SnZFaGtWZUVoV1lReStEZ1NJNFZuSHU3bHcvNzQ2WEJySEpwNjBBdTIzMVNUdjZ4cXV0UnNYczBocHIxbDRObFl1YTlJaGtwSVA2YkRCVXp0eXk2R2ZSZWl4VmxYN21HRWdNeExCMVU1RUtyazdZM2dEb2wzaDVHSlZXOE1LOWRQMURBZlB2akZ3YUtBSHE1MXdGb0lubFhsenBBelJwdGMwb0RQU0FzMGtaL3pvOFA3bkJNPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
467140
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
main.19.8.377.js
static.adsafeprotected.com/ Frame A931 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?14052602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
y3VoD3YTFE94pKl6M6ZFywFoIeGG0sO4O1xqFEif6Rx2OayzyRmK5Q==
main.19.8.377.js
static.adsafeprotected.com/ Frame 9393 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?552641338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
g7mtPfQfnmadSs9ucmn9VqOuPYqHYZH-_TnJ7UKKozt6kLcqCd6rdQ==
main.19.8.377.js
static.adsafeprotected.com/ Frame 9936 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?816239869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Z6ovbxZeAZ-qvVm9fmU7FNP_AUGcjzaypf6xTxW7DuLBmTo5PDLcxg==
main.19.8.377.js
static.adsafeprotected.com/ Frame 96B2 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?540482748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Wuk4JZZ1dHiXV1aUkkGyWZEIYosgIxBiWbZ0I6Qc1WLPvjsdB4P-2w==
async_usersync
ib.adnxs.com/ Frame DD06 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
f1fc6a7a-31f5-4e05-9d23-d76ac1aa28f9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607
adservice.google.com/ddm/fls/z/ Frame FC81 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPKpuIuBkvwCFYPJOwIdtXsNwA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8615419870541.607?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.377.js
static.adsafeprotected.com/ Frame 3A7C 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?782325539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987044
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
r9pQkuvCflNuvNMVX06QoVVna-AnPL3AKrFGNxG3BdRiQ1nJjLWNMg==
sodar
pagead2.googlesyndication.com/pagead/ Frame 0A50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3197993056563766&rc=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
main.19.8.377.js
static.adsafeprotected.com/ Frame B5EE 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?34678416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987045
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
vQHpA44BrUPCt-osskZOJpu1TjB2pUU6rXnBbY3Herz1fQIXXXi_Vw==
peg_logger.js
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame AD68 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70be16b9dc61f64b3bdd8f879f8dcaaa114c52d8d22229f34605d75477555105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 12:34:09 GMT
x-content-type-options
nosniff
server
cloudflare
age
76154
etag
W/"63874dc1-2fc0"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
77e88798edbe9036-FRA
expires
Sat, 24 Dec 2022 12:58:06 GMT
pegtracking_combined.js
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame AD68 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 07:17:58 GMT
x-content-type-options
nosniff
server
cloudflare
age
9272
etag
W/"633d2fa6-77ae"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
77e88798edbf9036-FRA
expires
Sun, 25 Dec 2022 07:30:17 GMT
js
ad2.adfarm1.adition.com/ Frame BCC6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=2885601&gdpr=0&gdpr_consent=&ts=7180654637069372426&kid=5572862&keyword=PACS_4787252_17071377&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787252&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&wi=923447651&ac=1&kw=%5Bmtp%5D%28cid%29406782908%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=300x250&prf[paappid]=&prf[paauction]=8202722112698786336&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
b2e410ba98203acdffc3fcb58d6a73b651669088a87108c2808cfffc4cda3f54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:23 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FF5F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:23 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=a9SzZnxJUHVyT25UR0xtaTdnSHdSSWlqTThidU1hVVYwVEtPdGZiNkRxb0JCRWo2NDVnd204L1dGQ2R5bXlKb3RxbjRISkh4TGxzOXNKQXh6SGxlTS9wN29md2pEd0VLSW5aWlNnU0Y4NFFoakFsSVVybFNnbEdzNXlKc1RXNHNLRzZQczljTWRkUVh2aFJnVWs2czlMRitOS0tJQ3VlSE5lOU1nbWhCNUZVSzdlQkFDNkUxZ3pUTitvRWVBbUMwaTlGWmhhc1doUUY5dU0zMmlSaFd0c0JJdGdheGxEeWd5aWVBaUZTUldrZGx5RUF3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
493822
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D2E8 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:23 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D573 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Origin
https://flashnetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame D573 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B28229300.341734671;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;aucid=395398358634871920;crid=372961557;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=2120841755;ord=5u1oyt;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3F8FAU6BN5gj9GICCYEYl7PwAAAIAUruc_RiAgmBGJez_wUBToE3mCP3A8NFe2vHwFjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAA6h8AAAIAAAAV8ToWnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAaCGoSQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XBZEVgjIhNQVEJXi67EBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NTY4MUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjU2ODE%3D%2Fbn%3D76861%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1199;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D573 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
ca
choices.trustarc.com/ Frame D573 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=300x250&c=1264160094&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1264160094&sz=300x250&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
44b1f2fe90b4743cb17697984bd73c6a12549cc820c5fc62c6cf3f4c2819b058
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
biXOV-fcTENT8MSn-h5hmxpDmPwvQB9xznMNEyo5UgaAdagXRo1T1w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
02aea8ce-bfac-4fe8-b53f-a52391e7405d
dcdn.adnxs.com/renderer-content/ Frame 482F 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcdn.adnxs.com/renderer-content/02aea8ce-bfac-4fe8-b53f-a52391e7405d
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
6e21bea1f5e411d8bf314f47cc98372da32e11a89549dffc1ac95d84bc95ae89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
Via
1.1 varnish, 1.1 varnish
x-b3-traceid
f09d790db2c8e236
Age
32848
X-Cache
HIT, HIT
an-served-by
hbapi-proxy-production-7858c695bd-q7j56
x-envoy-upstream-service-time
6
x-b3-parentspanid
b3414006fc6b50c6
Connection
keep-alive
Content-Length
3022
X-Served-By
cache-lga21962-LGA, cache-hhn-etou8220053-HHN
Server
nginx/1.21.3
X-Timer
S1671876443.383862,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400
x-b3-spanid
553d84fc91a87ae0
x-b3-sampled
1
Accept-Ranges
bytes
X-Cache-Hits
13, 56
trk.js
cdn.adnxs.com/v/s/231/ Frame 482F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:23 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575130
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876443.073980,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166499
Pug
simage2.pubmatic.com/AdServer/ Frame 1FBA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97cb63a6-cf57-4b00-93fc-283781cb1270&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97cb63a6-cf57-4b00-93fc-283781cb1270&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 10:07:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 24 Dec 2022 10:07:23 GMT
Expires
Sat, 24 Dec 2022 10:07:22 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:97cb63a6-cf57-4b00-93fc-283781cb1270&gdpr=0&gdpr_consent=
ImgSync
image8.pubmatic.com/AdServer/ Frame DE70
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=89797467634599058
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 24 Dec 2022 10:07:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 24 Dec 2022 10:07:22 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame 0F80 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:22 GMT
expires
Sat, 24 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
500159
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 132A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 24 Dec 2022 10:07:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Z0VGHTT6W3JER9QPX7TJ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 24 Dec 2022 10:07:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
5RGNH2B1XDANN5PF59JT
Pug
simage2.pubmatic.com/AdServer/ Frame 16E4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6212074435349714829&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6212074435349714829&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 10:07:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
f232772a-e1f8-40ee-8e81-e96886a3b7c7
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Dec 2022 10:07:23 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6212074435349714829&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7923
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fwsE4CpeULRkCwTifwBI53oMVOZkDwSwegvUrVEV
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 24 Dec 2022 10:07:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 24 Dec 2022 10:07:21 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C52D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180654624183416986&gdpr=0&gdpr_consent=
42 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180654624183416986&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 10:07:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 24 Dec 2022 10:07:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180654624183416986&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
ImgSync
image8.pubmatic.com/AdServer/ Frame 5F94
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=RYkEgvCERJBzmmKJkidp_FD_B2w
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 24 Dec 2022 10:07:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 24 Dec 2022 10:07:22 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame D433
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDdnRVN0hUWjhBQUNDYy1XMldPQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACvtU7HTZ8AACCc-W2WOA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACvtU7HTZ8AACCc-W2WOA&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACvtU7HTZ8AACCc-W2WOA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1653069145252192142&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACvtU7HTZ8AACCc-W2WOA&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACvtU7HTZ8AACCc-W2WOA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 10:07:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 24 Dec 2022 10:07:24 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACvtU7HTZ8AACCc-W2WOA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
ImgSync
image8.pubmatic.com/AdServer/ Frame 4BC1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6bPWwAF2FDiKwAe&gdpr=0&gdpr_consent=&_test=Y6bPWwAF2FDiKwAe
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 24 Dec 2022 10:07:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 24 Dec 2022 10:07:21 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 30F8
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 10:07:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 24 Dec 2022 10:07:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame DD58
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77e8879b5c7a9107-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77e8879a1ad49107-FRA
content-type
text/html
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
984
cookiesync
core.iprom.net/ Frame CD74 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 24 Dec 2022 10:07:23 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-1cab49024ced@version_1.531
X-core-time
1ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame 4FE7
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671876443223
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4582704781
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4582704781
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 24 Dec 2022 10:07:23 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 24 Dec 2022 10:07:23 GMT
etag
RXb14d922dcac0440e873d844e0ee48b56003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4582704781
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pub
matching.truffle.bid/sync/ Frame B91E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 24 Dec 2022 10:07:23 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 7D70 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e5cc4c2eac971790/gdpr=0/ Frame 9512
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e5cc4c2eac971790/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e5cc4c2eac971790/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVjjWjXngjRTbTRa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.3.21

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e5cc4c2eac971790/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVjjWjXngjRTbTRa
usersync
x.serverbid.com/ Frame AA71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Sat, 24 Dec 2022 10:07:22 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iKRdFKzxQsWHgzn0GJr1vw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=157696
accept-ranges
bytes
content-length
5554
expires
Mon, 26 Dec 2022 05:55:40 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame EB0F 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77e8879a1a902bf1-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame EB0F 		49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.1
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame EB0F
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3789095054
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=88A45D14-ACF1-42C5-8783-39F4189AF5BF
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 google
last-modified
Sat, 24 Dec 2022 10:07:27 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=88A45D14-ACF1-42C5-8783-39F4189AF5BF
date
Sat, 24 Dec 2022 10:07:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame EB0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODhBNDVEMTQtQUNGMS00MkM1LTg3ODMtMzlGNDE4OUFGNUJG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 10:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EB0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGHLRzYLHruTaEFtQX6nyfs&google_cver=1
42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGHLRzYLHruTaEFtQX6nyfs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 10:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGHLRzYLHruTaEFtQX6nyfs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame EB0F 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 23 Dec 2022 10:07:23 GMT
generic
match.adsrvr.org/track/cmf/ Frame EB0F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame EB0F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7236359441748730540
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sat, 24 Dec 2022 10:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
88A45D14-ACF1-42C5-8783-39F4189AF5BF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EB0F 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/88A45D14-ACF1-42C5-8783-39F4189AF5BF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame EB0F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-twMwyZRE2uX5QtA48D9OcQklpQZVbb8-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-twMwyZRE2uX5QtA48D9OcQklpQZVbb8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-twMwyZRE2uX5QtA48D9OcQklpQZVbb8-~A&gdpr=0&gdpr_consent=
date
Sat, 24 Dec 2022 10:07:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame EB0F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_4aace8a4-3ced-4d52-835f-59428ac9be0a&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sat, 24 Dec 2022 10:07:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
current
pubmatic-match.dotomi.com/match/bounce/ Frame EB0F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame EB0F 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:23 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EB0F
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ec631b23-e914-4609-9fb3-645e9fe40f74&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ec631b23-e914-4609-9fb3-645e9fe40f74&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 10:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ec631b23-e914-4609-9fb3-645e9fe40f74&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 24 Dec 2022 10:07:23 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame EB0F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3396307127223499462&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3396307127223499462&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 10:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3396307127223499462&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame EB0F
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6212074435349714829
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sat, 24 Dec 2022 10:07:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame EF10
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65&gdpr=0
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0f25e10db9e73ae52@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65&gdpr=0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame EF10 		95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Dec 2022 10:07:23 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ImgSync
image8.pubmatic.com/AdServer/ Frame EF10 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156383
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
googleads4.g.doubleclick.net/pcs/ Frame 2F0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFHruzd3NiXSm5Okp1uLs30dedcNH56-sxcfX_Ul1HQMfAp3AV5XtxI4S5rggBeTo4fqV4d9AL_eYY1MY5lGxVsEqml58dOx8ul9xRL-iKtaFxdSQDYNDD0a87Zf2V6zpEAwGPPLL3M3AF0zQKdP_hwbQPPg&sai=AMfl-YQ3iN8sl-b3KBZdkRejZxa1LFN4SxyDx2YbxAPuWp1ei8NfdB2CeX3oMLccmlMLMkPcf_xezqc3AYW7VflOZZRNYxTuK1goVQwFrkou&sig=Cg0ArKJSzMGeBAhNzbiDEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1486&vt=11&dtpt=1485&dett=2&cstd=0&cisv=r20221207.26517&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B22045245.235138843;dc_ver=92.271;sz=728x90;u_sd=1;aucid=2378070731381729339;crid=240637446;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504469854;ord=qvptfr;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FMUJ4tHHEij8gkyrgDvODPwAAAIA9Cu8_IJMq4A7zgz8xQni0ccSKPzvowgq7mgAhjRdONcm4NVZWz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAG1lcOnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAiiM4JgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521DhYmNAjn4pUXEIas33IYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2Mzk1QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjYzOTU%3D%2Fbn%3D98890%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;stc=1;chaa=1;sttr=1014;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:23 GMT
async_usersync
ib.adnxs.com/ Frame 7DD0 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
5c7d21db-468d-4d6c-948e-13ff56f4ac7c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame DCA2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
413
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879a8a822bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Sat, 24 Dec 2022 14:07:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD93 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157697
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1352 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:23 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270980
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876443.291097,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 46F5 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E9E2 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B4FB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:23 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275566
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876443.299708,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 6E29 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
413
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879a9aab2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Sat, 24 Dec 2022 14:07:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE8A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157697
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
js
ad2.adfarm1.adition.com/ Frame 9A69 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=2885601&gdpr=0&gdpr_consent=&ts=7180654637074942986&kid=5572862&keyword=PACS_4787252_17071377&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4787252&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&wi=1313897205&ac=1&kw=%5Bmtp%5D%28cid%29406782908%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=300x250&prf[paappid]=&prf[paauction]=7452539783848812721&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
dca83e01a27ceef4a431095b0680ecbcd4215a2e5cc1d4bf76eb97a3f8d3b296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:23 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C33A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64193
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 2F8B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64193
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 7C8C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64193
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 4655 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64193
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame A436 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64193
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 3228 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
413
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879bacdb2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Sat, 24 Dec 2022 14:07:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F81A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:23 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275570
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876443.471155,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B234 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157697
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0F38 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 45A5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:23 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270982
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876443.494334,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame D4EF 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
413
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879bdd322bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Sat, 24 Dec 2022 14:07:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2DF3 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F399 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157697
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
vevent
fra1-ib.adnxs.com/ Frame 8529 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCn0NGXgqud83UYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBePzFBIABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFsMy01WUFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeU9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYa001Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS14WXEyZzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo2NjI42gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_zFBNIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=e4de142119f63addac31fef0c1df0a5e220d2784&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&sw=1600&sh=1200&pw=1600&ph=250&ww=1600&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
cebcf068-9715-44ef-b80c-04a999fd289c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame F77A 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 094D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:23 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270984
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876444.663029,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 0D22 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
413
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879cef3a2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Sat, 24 Dec 2022 14:07:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F8B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157697
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
vevent
fra1-ib.adnxs.com/ Frame 90BF 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDq8rnR6bepgVsYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeN_wBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha25pTWhnaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE14T09BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjWXBtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaWhXUUpBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQEVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzE42gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAff8AXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=00a3ae6a7ce490bd4bc009e881ed85cc9a3e4718&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
02a52c98-d558-408b-b1ec-a3a08f279943
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C861 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:23 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275572
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876444.681969,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 601B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
413
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879d0f7b2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Sat, 24 Dec 2022 14:07:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6032 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157697
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 959A 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:23 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
vevent
fra1-ib.adnxs.com/ Frame A931 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCSr8ryp4fK11oYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNXXBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha0hnZWhRaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE14Ti1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjVXBtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaVJWS0pBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzE32gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfV1wXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=47daefe9c46a3f52b48db0accb93a4dc543a0e2c&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
7b56e77e-4866-470a-a777-cebdedaee193
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 9393 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCR--Cnvf3Eg24Yja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeIzZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhZlhpTmVBaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE13TS1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJiY3BtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaEJYcklnOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzAz2gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeM2QXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=b0c0d118cc36b832edf1ea36c100861ce1762c0b&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
cac2662e-e608-44c6-9f2d-f6c29d57246b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 9936 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDN1dCf6oadpkoYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeMDZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhYm5oc2N3aXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVGMzT2VBRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBPEM0QmdvLpoCmQEhbFJXZ0o-dQIsSjdOZnlBQUtBQXhQFW0EODYyWQFAVUNJTUVsSU14Wk5aeWZ1UDE9LARGawVnBQEARx0YAEcdGABIHRgMSGdBaS6JAvD1dy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjU3NznaBAIIAeAEAfAEoMXHnQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgAAASUo8D_QBrQl2gYWChABDy4BAHQQABgA4AYB8gYCCACABwGIBwCgBwHIB8DZBdIHDQkRKgEmDNoHBggFCWjgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=631518fc29e8493b05c4eb565e045b114943da36&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
b5329e4d-48a7-414a-b2ff-98830fa82223
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
23684.js
ads.rubiconproject.com/ad/ Frame 4ABA 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/23684.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=637&fcid=951&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=11346887&millis=20221224050716&hb_request=17182134&hb_error=timeout&friendly=friendly_11346887&language=de&pvid=82898819&resolution=1600x1200&txid=91375395&frcn=0&sid=19&sver=1&tagid=ad-86335943&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1516
access-control-allow-credentials
true
content-length
8916
expires
Sat, 24 Dec 2022 10:32:39 GMT
interactive2.js
ads.bidstreamserver.com/js/ Frame 4ABA 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/interactive2.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=637&fcid=951&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=11346887&millis=20221224050716&hb_request=17182134&hb_error=timeout&friendly=friendly_11346887&language=de&pvid=82898819&resolution=1600x1200&txid=91375395&frcn=0&sid=19&sver=1&tagid=ad-86335943&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
2b68d3f00ef77a863aced01347d486c666e2203aeb549e94c49f580c78d8aa21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:23 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame FF5F 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:23 GMT
23684.js
ads.rubiconproject.com/ad/ Frame DB03 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/23684.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=637&fcid=951&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=18961229&millis=20221224050716&hb_request=10257702&hb_error=timeout&friendly=friendly_18961229&language=de&pvid=82898819&resolution=1600x1200&txid=41784790&frcn=0&sid=19&sver=1&tagid=ad-9091948&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1516
access-control-allow-credentials
true
content-length
8916
expires
Sat, 24 Dec 2022 10:32:39 GMT
interactive2.js
ads.bidstreamserver.com/js/ Frame DB03 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/js/interactive2.js
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?pid=0&zid=637&fcid=951&uuid=9070c017ce75def74666ccd2bb5bc39f&viewable=false&random=18961229&millis=20221224050716&hb_request=10257702&hb_error=timeout&friendly=friendly_18961229&language=de&pvid=82898819&resolution=1600x1200&txid=41784790&frcn=0&sid=19&sver=1&tagid=ad-9091948&uuid=9070c017ce75def74666ccd2bb5bc39f&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.10.31.14 Edmonton, Canada, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software
nginx /
Resource Hash
2b68d3f00ef77a863aced01347d486c666e2203aeb549e94c49f580c78d8aa21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Oct 2022 15:34:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Connection
keep-alive
Expires
Sun, 25 Dec 2022 10:07:23 GMT
vevent
fra1-ib.adnxs.com/ Frame 96B2 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCu7LD2irbw7GAYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNOGBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhY1hnbmN3aXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOalUxTS1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJaa3ptQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhakJVbkpROnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo2NTUz2gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfThgbSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=362de2b5e0574252731e67407d346547674d03dc&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:23 GMT
AN-X-Request-Uuid
673cbb49-009f-4edc-9e23-0e322a0aa07d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 451C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64193
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame EF02 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64193
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 5703 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64193
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame BD40 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame DC97 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A4FA 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Origin
https://flashnetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame A4FA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24055176.272288642;dc_ver=92.271;sz=300x250;u_sd=1;gdpr=0;aucid=3973708468614784229;crid=240739685;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=4185398266;ord=lgja5i;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fpk5AE2HDgz-KdpTRaHV9PwAAAIAUruc_inaU0Wh1fT-lTkATYcODP-XkvnDMciU3jRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAA6h8AAAIAAABlZVkOnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoACSUMwQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521lhZqagi93NQVEOXK5XIYns1_IAAoADGamZmZmZm5PzoJRlJBMTo2NjIxQIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjY2MjE%3D%2Fbn%3D99372%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1182;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A4FA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
ca
choices.trustarc.com/ Frame A4FA 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=300x250&c=1942765584&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1942765584&sz=300x250&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d73b66fd6ef4a3aa7f6dc5a5aedca80c23f135aafc478248f32d47204cd1b740
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
W4Y2b2x4vTxBkEL39_ICsfy6WtYfAiXxrxTF24JNWrbMU-prCKBu8Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EA32 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 1309 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame B52E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
gtm.js
www.googletagmanager.com/ Frame 490A 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3fe0ee0ac684098398a3d520ed4b653a69f10e39a6024b01df00ab0fd3fac36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40298
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Dec 2022 10:07:24 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2CD7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53032
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275575
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876444.067996,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 0AAA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
414
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879f6c302bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
Sat, 24 Dec 2022 14:07:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 84AB 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:24 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FF69 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157696
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 313F 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:24 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D964 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53032
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270989
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876444.073756,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D6FE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157696
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D8C1 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
414
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879f7c4f2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
Sat, 24 Dec 2022 14:07:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6E47 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157696
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 184C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53031
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271665
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876444.079588,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 398F 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:24 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 566A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
414
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879f8c582bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
Sat, 24 Dec 2022 14:07:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
agile_carousel.css
cdn.advanseads.com/dnaFiles/js/agile_carousel_1.1/ Frame 5B21 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/agile_carousel_1.1/agile_carousel.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9af85c75793307e7639f72812b5f35ff45721624d043a7be27441e02c1103cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
14
ETag
"f45d318793854d11e9b4fdf6ec1b317e"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1958
X-Amz-Cf-Id
YMjcf96R8ArJeef8Kt6Ud4fz1Iudn7x3OduqOlXxo3bbjQrbxODLHQ==
jquery-ui.css
cdn.advanseads.com/dnaFiles/js/ Frame 5B21 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery-ui.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d50ae1c9b63b678c6cdaa47ec3338db2527874e314cf919606cbd542e25b2763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
33
ETag
"cee9425a1cfa0868879e6d629871ff53"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3696
X-Amz-Cf-Id
HohdRrnVDTtp3R0eWjgXyYesgXAeFAEBOUrSkGx667Ef3p2sUQdEmA==
jquery.min.js
cdn.advanseads.com/dnaFiles/js/ Frame 5B21 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery.min.js?v=1671855657369
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
27
ETag
"2f3f6542df672b22ca8a0c37ec3a6f1c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33409
X-Amz-Cf-Id
NvPSQatEJFvXDZMkltYnbClsFCNUcToL9OJoWtc4G_KLZYUrX9YQPw==
jquery-ui.min.js
cdn.advanseads.com/dnaFiles/js/ Frame 5B21 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery-ui.min.js?v=1671855657369
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5160f8e7cf65486d4ef7ac14e03e5f5ae69449527b99fe4ea4634bd829e9ef8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
33
ETag
"c2c82f26c33b13dbb33539dcffb2f945"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7065
X-Amz-Cf-Id
tGIqrsxWviG4TvQOvsXKQMJnUwdYGyydcWpbh6KDaT3X5vswrt1KnQ==
html_render_v4.min.js
cdn.advanseads.com/dnaFiles/js/ Frame 5B21 		267 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/html_render_v4.min.js?v=1671855657369
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8e71ebd3510e78168bb99c6b46bcffb9331407ac87edcf189a9e4598cd7f20b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:06:43 GMT
Content-Encoding
gzip
Via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
42
ETag
"70ffc5ee6aa464493e8cdda9fa414f5b"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41602
X-Amz-Cf-Id
4Rm0qTJlN2BfsRjTOpysRgNvjSGglFk5UTFAQGJZxKgFoe70MVkhDA==
slick.css
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame 5B21 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
28
ETag
"5fa4f41f00b5dfb699e109dee4eae97c"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
562
X-Amz-Cf-Id
qayZs2kqY140CQWT2CkjQcfIic4MluOmEnp6MaZ9HsMFrrNDHGmfhw==
slick-theme.css
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame 5B21 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick-theme.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b912f9dcae358b9ef7e2d6b1f368eeabe05d17af890ff48ce0820e9facbc9fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:06:43 GMT
Content-Encoding
gzip
Via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
42
ETag
"f17640c32826b04bf24d9894fb643a06"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
858
X-Amz-Cf-Id
v266EB5cVa0kSZiKDTXGbJCe3QgRCvzESBmCO_qbywK_gyUd7Csxlw==
slick.js
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame 5B21 		64 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick.js
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8e91147663e766b9d516e4b7fd39f21685b1866829dd58595a997463a3d1b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
18
ETag
"f84730051b59e2bbe89c299bbbf8e967"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10898
X-Amz-Cf-Id
ZsL6lPnd_EG6UuIgaJyhAP-rSgR-iLjpTrqPSfu8SymGT0lcyv38-g==
usync.html
eus.rubiconproject.com/ Frame DCA8 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:24 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A5E5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53032
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272310
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876444.098092,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame E462 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
414
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e8879f9c962bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
Sat, 24 Dec 2022 14:07:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 261B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157696
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
vevent
fra1-ib.adnxs.com/ Frame 3A7C 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhC8ob3UlKu_tkYYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeKXZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha1hqMmhRaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVFEwTk9BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjUXFtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaWhXVkpBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQEVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1NDQ02gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAel2QXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=96e521e271c2832453674397daa5211ba471f6a2&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
85fa52a3-d9d3-4a08-b3e0-88bd4168d1ce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame 64B6 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
QHTPX3HNAXXHYNEQ
Connection
Keep-Alive
Content-Length
1585
x-amz-id-2
TCrRsN4TkmVnQxt5XP1DtLMiLGjP4op14EMpN+IfsykIX92Q+tf7cnS93b0aTWik4WGj27mmYqQ=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876442.dop144.fr8.t,1671876444.cds273.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame EC34 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
QHTPX3HNAXXHYNEQ
Connection
Keep-Alive
Content-Length
1585
x-amz-id-2
TCrRsN4TkmVnQxt5XP1DtLMiLGjP4op14EMpN+IfsykIX92Q+tf7cnS93b0aTWik4WGj27mmYqQ=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876442.dop133.fr8.t,1671876444.cds273.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
2500852-15.js
smarttag.rubiconproject.com/a/23684/436810/ Frame 2752 		1 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/23684/436810/2500852-15.js?&cb=0.8833666955903907&tk_st=1&rf=https%3A//forward.com/news/529130/george-santos-jewish-lie-genealogy-records/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=436810_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/23684.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b3f7adb6271bcb2c0caac593336872306dd67c88650c4a677bdeae4ea1cc4732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
824
expires
Wed, 17 Sep 1975 21:32:10 GMT
setuid
prebid.bidstreamserver.com/ Frame 784B
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
0
pragma
no-cache
server
nginx
vary
Accept-Encoding Origin
x-frame-options
DENY

Redirect headers

cache-control
no-store
content-length
0
location
https://prebid.bidstreamserver.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame C39E 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
QHTPX3HNAXXHYNEQ
Connection
Keep-Alive
Content-Length
1585
x-amz-id-2
TCrRsN4TkmVnQxt5XP1DtLMiLGjP4op14EMpN+IfsykIX92Q+tf7cnS93b0aTWik4WGj27mmYqQ=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876442.dop004.fr8.t,1671876444.cds273.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
setuid
prebid.bidstreamserver.com/ Frame 2E2E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=e34ba96c-4dff-48ce-b3df-96cd9cd1994d&gdpr=&gdpr_consent=&us_privacy=
86 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=e34ba96c-4dff-48ce-b3df-96cd9cd1994d&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
165.227.116.104 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
prebid2.advertserve.com
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:25 GMT
server
nginx
vary
Origin
x-frame-options
DENY
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-length
86
expires
0

Redirect headers

location
https://prebid.bidstreamserver.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=e34ba96c-4dff-48ce-b3df-96cd9cd1994d&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:23 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
async_usersync
ib.adnxs.com/ Frame 5B39 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
04f6d139-8c4e-4085-9988-ac2e00d24d08
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
B25884809.304952787;dc_ver=92.271;dc_eid=40004001;sz=728x90;u_sd=1;gdpr=0;aucid=4785499947907653564;crid=292929924;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_CO...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 3CF9 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B25884809.304952787;dc_ver=92.271;dc_eid=40004001;sz=728x90;u_sd=1;gdpr=0;aucid=4785499947907653564;crid=292929924;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3735381077;ord=61ayn8;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FYmLzcW2oiD9m_6zPlmCCPwAAAIA9Cu8_Zv-sz5Zggj9jYvNxbaiIP7yfrxPZgmlCjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAACEwXURnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoA0CfszAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25210hWJIAjMsMQTEISD14sBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NTQ0OUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjU0NDk%3D%2Fbn%3D93344%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2070;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e67acaac5e4f84871ffc2308e16ff993d27823ead434c8ec80144161c15fca39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28056
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame ED46 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
A3W3JZMQ6B3A7ZQC
Connection
Keep-Alive
Content-Length
1596
x-amz-id-2
81VpJH6sMeTRRu33fvcwav90huAwDbz/QwEA9vQhzEByjA6D5zHyTJ2PpE4cL4r6Glf3/Z/V5ZQ=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876444.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=973
Accept-Ranges
bytes
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame 1A6B 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
A3W3JZMQ6B3A7ZQC
Connection
Keep-Alive
Content-Length
1596
x-amz-id-2
81VpJH6sMeTRRu33fvcwav90huAwDbz/QwEA9vQhzEByjA6D5zHyTJ2PpE4cL4r6Glf3/Z/V5ZQ=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876440.dop139.fr8.t,1671876444.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=973
Accept-Ranges
bytes
async_usersync
ib.adnxs.com/ Frame 84A8 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
19162458-0f52-49dd-9461-ab66776d2b64
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 24CB 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
086557d0-3f7e-4264-a121-4c8a23e15ed9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame B5EE 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDAu6a6ptvu6k8Yja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeL2IBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhd1hndXBBaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOall5T2VBRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJlVXptQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEha0JVLUpnOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQFVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo2NjI52gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAe9iAbSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=bece0156ede62446068730dcc753cd737a157cc9&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
3248cc4c-68f6-46ac-b3d2-b39d1ffc2fd7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame 7DB7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4751363&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Djxkpnhr%26e%3D1544311770728&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Djxkpnhr%26e%3D1544311770728&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&wi=1301802925&ac=1&kw=%5Bmtp%5D%28cid%29370276156%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=728x90&prf[paappid]=&prf[paauction]=7669338047087492488&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fk653z5Oysz%5FLwY9BKFSuPwAAAIA9Cu8%5FKcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4751363&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=728x90&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=7669338047087492488&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)370276156[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fk653z5Oysz_LwY9BKFSuPwAAAIA9Cu8_Kcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
94ef218f90c37d78d7e4d1efdb95fd996f6c9d9e0e08add39f2a81350391b0b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:24 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame E2E0 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
A3W3JZMQ6B3A7ZQC
Connection
Keep-Alive
Content-Length
1596
x-amz-id-2
81VpJH6sMeTRRu33fvcwav90huAwDbz/QwEA9vQhzEByjA6D5zHyTJ2PpE4cL4r6Glf3/Z/V5ZQ=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop107.fr8.t,1671876439.cds251.fr8.shn,1671876440.dop107.fr8.t,1671876444.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=973
Accept-Ranges
bytes
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame 9A07 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
QHTPX3HNAXXHYNEQ
Connection
Keep-Alive
Content-Length
1585
x-amz-id-2
TCrRsN4TkmVnQxt5XP1DtLMiLGjP4op14EMpN+IfsykIX92Q+tf7cnS93b0aTWik4WGj27mmYqQ=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop144.fr8.t,1671876439.cds052.fr8.shn,1671876442.dop144.fr8.t,1671876444.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
impl_v92.js
www.googletagservices.com/dcm/ Frame 5B10 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
async_usersync
ib.adnxs.com/ Frame 091D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
a6480707-3572-4346-a562-0b679040f320
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame 832F 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=461
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876440.dop139.fr8.t,1671876444.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame 0E9D 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?951933410
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a28a26208365888103818ef022f461f9cddf9db06206e74c49b4c329b845b6b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 0E9D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
0VYE1R4B5BFAPA6M
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
j5KwgsYGbP/r3C8dM97qc+3TabospPpV6qv0lM7drK8sHr8ilGKec0TvlW0suf8hIhcWl4UsqQo=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876444.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21652
Accept-Ranges
bytes
B27471378.331615144;dc_pre=CJPfxIyBkvwCFQGJdwodrgoC6A;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame 0E9D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CJPfxIyBkvwCFQGJdwodrgoC6A;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CJPfxIyBkvwCFQGJdwodrgoC6A;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&227609798
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CJPfxIyBkvwCFQGJdwodrgoC6A;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&227609798
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C031 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53032
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272313
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876444.238915,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 0E9D 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKQDvBMEAcAAAMA1gAFAQjXnpudBhD83IPY57vMyhoYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeMbbBIABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhbW9mQ3NRaTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQmdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8xTnpnMzRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGbXkyWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDh1QVlLmgKZASE4eFZXVGc6rQLYSjdOZnlBQUtBQXhQUXJYbzNBOThqODZDVVpTUVRFNk5UYzROMENJTUVsSU14Wk5aeWZ1UDFFQQ10DEFBRmsVCwRBRx0YAEcdGABIHRgQSGdBaVERENBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSBzE2OWHXHPICEgoGQ1BHARQACHHDARUIBUNQARQACXXCPPICDQoIQURWX0ZSRVESATcFEDRSRU1fVVNFUhIBMPICDAkgFENPREUSAAUPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzUyNDkwMjDyASEESU8VITgbCg9DVVNUT01fTU9ERUwBKzQINDE3OTQ3OTjyAhoKFjIeABxMRUFGX05BTQV5CCgKGjYdAAhBU1QBRmhJRklFRBIKMTY3MTgwMjk4MfICFQoIU1BMSVQBXy7rAPDQHwoHU2VnbWVudBIUQ29yb2xsYUhCX1BSX0F1dG9PcHSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1Nzg32gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAFDmzYBQHgBQHwBYUB-gUECAAQAJAGAJgGALgGAMEGBSEsAPA_0Aa0JdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8bbBNIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=f91237044f99a5bafaf173eb7f8b8f6d33111725&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Domaxbbue%26e%3D1544311770728,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Domaxbbue%26e%3D1544311770728&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
c351696a-3a86-418a-b6ea-e219165511f5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 728C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=260371538822129&rc=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
index.html
cdn.flashtalking.com/129256/3290827/ Frame DA7C 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=461
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop004.fr8.shc,1671876444.dop004.fr8.t,1671876444.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame F2A8 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?420702640
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
851176fb13f86ca06b54a499e9004d406875c46d138a654d1867bc6b6befd046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame F2A8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
0VY8CGD94C72PBTP
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
4wsNWimWkb73//WXRppN1yg6VznZhqOc2LOoKVAK+Qlwcb5bZTSGVOYHNYfsq59yskHmT0XzB8w=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876442.dop133.fr8.t,1671876444.cds273.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21564
Accept-Ranges
bytes
B27471378.331615144;dc_pre=COPixYyBkvwCFdWyewodYzgCbg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame F2A8
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=COPixYyBkvwCFdWyewodYzgCbg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=COPixYyBkvwCFdWyewodYzgCbg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&639069034
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=COPixYyBkvwCFdWyewodYzgCbg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&639069034
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9A25 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53032
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271666
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876444.252325,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame F2A8 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKQDvBMEAcAAAMA1gAFAQjXnpudBhDb_pSnjaDHsmEYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeOWEBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhZ0ljam53aTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQWdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8yTkRBMzRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGaHpLWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDR1QVlLmgKZASE2UldQUz6tAthKN05meUFBS0FBeFBRclhvM0E5OGo4NkNVWlNRVEU2TmpRd04wQ0lNRWxJTXhaTlp5ZnVQMUVBDXQMQUFGaxULBEFHHRgARx0YAEgdGAxIZ0FpLsEC8EN3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSBzE2OTQzNjjyAhIKBkNQR19JRBIIMW3DLPICEgoFQ1BfSUQSCXXCEPICDQoIAT4YRlJFURIBNwUQNFJFTV9VU0VSEgEw8gIMCSAUQ09ERRIABQ8BWREPEAsKB0NQFQ4QEAoFSU8BYSAHNTI0OTAyMPIBIQRJTxUhOBsKD0NVU1RPTV9NT0RFTAErNAg0MTc5NDc5OPICGgoWMh4AHExFQUZfTkFNBXkIKAoaNh0ACEFTVAFGaElGSUVEEgoxNjcxODAyOTgx8gIVCghTUExJVAFfLusA8NAfCgdTZWdtZW50EhRDb3JvbGxhSEJfUFJfQXV0b09wdIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjY0MDfaBAIIAeAEAfAEoMXHnQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAUObNgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYFISwA8D_QBrQl2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH5YQG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=e7c63f507931c277b5589c04123e89cffadc9c73&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Drnekscbjcg%26e%3D1544311770728,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Drnekscbjcg%26e%3D1544311770728&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
e64dea60-b4f5-42eb-aec6-b7d171a66f3a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2670 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:24 GMT
cm
u.openx.net/w/1.0/ Frame C425 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync
ib.adnxs.com/ Frame E366 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
4c24e229-957e-4bbe-beb8-846275b5bffd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 894E 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
bba93250-1176-4d12-86ad-16195b056add
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 981A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
d5720272-26c7-44f6-9b18-8d23c1c0f8ba
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
banner
ad2.adfarm1.adition.com/ Frame 3444 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=2885600&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787253%5F17071378&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=2885600&gdpr=0&gdpr_consent=&ts=7180654632757234698&kid=5572862&keyword=PACS_4787253_17071378&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
8172a76c33e06a1c24fd3670216b6970eed6ee8b46df8fd055f2accdd2029b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:24 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
index.html
cdn.flashtalking.com/129256/3290827/ Frame D9EF 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=461
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3587
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
"1609162701"
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876444.dop133.fr8.t,1671876444.cds274.fr8.c
x-amz-id-2
744vRbpfJGj4dJkr6iDWG1jU8hi3eZGf4o1tVkOHQwnUF2gL+GxDyc+F84lA2cBvGshl8UlwPSQ=
x-amz-request-id
5RHMKTHJTWAEHE73
skeleton.js
pixel.adsafeprotected.com/rjss/st/992712/61653181/ Frame 434A 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?618329399
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
31658c00ff0c28b9e0b2e78e833943dc347f302957725eb55b829f3ed1711fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 434A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/616/6162252/3290827/js/j-6162252-3290827.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
x-amz-request-id
0VYE1R4B5BFAPA6M
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
j5KwgsYGbP/r3C8dM97qc+3TabospPpV6qv0lM7drK8sHr8ilGKec0TvlW0suf8hIhcWl4UsqQo=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876444.dop004.fr8.t,1671876444.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=21652
Accept-Ranges
bytes
B27471378.331615144;dc_pre=CI6vyoyBkvwCFdeuewodwpoIPg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/ Frame 434A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CI6vyoyBkvwCFdeuewodwpoIPg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CI6vyoyBkvwCFdeuewodwpoIPg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&971805000
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N526601.2621703GROUPMCOMPETENCEC/B27471378.331615144;dc_pre=CI6vyoyBkvwCFdeuewodwpoIPg;dc_trk_aid=523976581;dc_trk_cid=168322537;ord=1671876440;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?&971805000
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B3C7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53032
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271667
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876444.326727,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 434A 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKQDvBMEAcAAAMA1gAFAQjXnpudBhCe9bCA9oitvQIYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNPZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhbG9mcXJnaTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQmdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8xTnpnMTRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGbVMyWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDh1QVlLmgKZASE4UlhLVFE6rQLYSjdOZnlBQUtBQXhQUXJYbzNBOThqODZDVVpTUVRFNk5UYzROVUNJTUVsSU14Wk5aeWZ1UDFFQQ10DEFBRmsVCwRBRx0YAEcdGABIHRgQSGdBaVERENBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSBzE2OWHXHPICEgoGQ1BHARQACHHDARUIBUNQARQACXXCPPICDQoIQURWX0ZSRVESATcFEDRSRU1fVVNFUhIBMPICDAkgFENPREUSAAUPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzUyNDkwMjDyASEESU8VITgbCg9DVVNUT01fTU9ERUwBKzQINDE3OTQ3OTjyAhoKFjIeABxMRUFGX05BTQV5CCgKGjYdAAhBU1QBRmhJRklFRBIKMTY3MTgwMjk4MfICFQoIU1BMSVQBXy7rAPDQHwoHU2VnbWVudBIUQ29yb2xsYUhCX1BSX0F1dG9PcHSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1Nzg12gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAFDmzYBQHgBQHwBYUB-gUECAAQAJAGAJgGALgGAMEGBSEsAPA_0Aa0JdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9PZBdIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=da57c18231d8582797549d26504b6adcd6f5b56f&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dppqndwhs%26e%3D1544311770728,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dppqndwhs%26e%3D1544311770728&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
a82bbca8-8c45-480a-8452-46be55f25d29
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
B26683479.316563413;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=4512479597910238743;crid=322267861;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 0694 		66 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B26683479.316563413;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=4512479597910238743;crid=322267861;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504977957;ord=1uap0i;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FVfFG5pE_iD8bS8uVcBKCPwAAAIA9Cu8_G0vLlXASgj9W8UbmkT-IPxcmo0FJjJ8-jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADVajUTnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAKiPC_gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521VRYFVAjEnbEYENXV1ZkBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NjYyNUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjY2MjU%3D%2Fbn%3D99384%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1956;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
50c624b7992494dbf16e1ad0bcfb757a32a6229cf72980b7f2725cfc18af378b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28064
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0ABF 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
8c1eed4c-5c3a-4615-ae17-ea0e23a56535
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8A0D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
3d266f7e-cdd6-43c1-ac1f-ddbde4d0063a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
choices.truste.com/ Frame 8045 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=24035859&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
1fe926d32d00488a96c2c4a1a682caba35beffaa80db5eb21cbe18218b052978
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8027
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
DzkLPhI9co2P7ppJvwnXfdfNaQ1-P3765uGbd6muRhw8SE_IrFXf5Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8045 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:24 GMT
index.html
s0.2mdn.net/sadbundle/8627345791007471973/ Frame 0E58 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
703b98fcf4e4866ba0a9b96882b61941cd4332c61feb152d67580f890696e782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
525970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4818
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Dec 2022 08:01:14 GMT
expires
Mon, 18 Dec 2023 08:01:14 GMT
last-modified
Tue, 25 Aug 2020 14:09:36 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8045 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsss8i-L_s8u3LI2_YOMDKOBga5eG6J-qnzJYeh5YpzkJQ4pCsqRRZMBkBJp6Ong56HTYnOBkozqGAo83SM0zu5y8_lkWliM6KscXgFeq_GWIpKx7lRK9m6tiQWcJt7lqTlRZaRzhsm_taceM1RBKfVM_gc&sai=AMfl-YS5sZvLY9g4IarpWr0ZpohdpzHLYNooq6rKi9ZjDjMOR75eKfvNovkmGDS345u-GB4Kny6-IsaiwHi599i4WlHF-4n2uncVZ4NDA-y7&sig=Cg0ArKJSzDVQqj8zA3H0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2725&cbvp=1&cstd=2723&cisv=r20221207.04127&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:24 GMT
dcm
beacon.sojern.com/imp/ Frame 8045 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=5127083361354022725&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=273202276&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cigritfmlj&e=1535582086632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame A736 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
a866dbbc-5846-4f6d-98da-f93a9920a23e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9D9F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
93d6bd8f-e9dc-48ed-bfb8-cbcb55e2c558
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
choices.truste.com/ Frame 3516 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=24050075&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
6ca25dd87d04d7aedd831b738972badcbdd0f0345fd1f836dd534a623f726191
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8028
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
0pZjCqcCEEjZEVqoyDl4dbm2wZMOka9cmaDqIR_Ee700dMoX9qyx7g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3516 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:24 GMT
index.html
s0.2mdn.net/sadbundle/2776815936793873956/ Frame 703C 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0574d3bf94d6d6b8120c8ff973b6de8cb115b425571d0515b5852713dd487b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
185950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4822
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 06:28:14 GMT
expires
Fri, 22 Dec 2023 06:28:14 GMT
last-modified
Sat, 05 Sep 2020 10:31:26 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3516 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8PT_nXrUwDraL3Rataat7Ifyrg77cR4Sfi4sy-hmwyxQHzPtBqVhhpprB0U90R550dQuKxl6LLMmD3n5fiOhbArVbO7QASs_lK0TmEtxkQESv8oZ77FCZhD38PbTcjpwSL541ZG6QHBCzh0KDjp2tFO0&sai=AMfl-YSc9DakzmctHY0tu3SUTb0OBFCXXD4diIRW7e4A1TVJHxLBft76TKHaVDj3nbYI8EcgfAL0_ahizSbiSLpOfVXPJgkDiNOAlPKojKGk&sig=Cg0ArKJSzKphaLss5v-SEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2677&cbvp=1&cstd=2675&cisv=r20221207.09652&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:24 GMT
dcm
beacon.sojern.com/imp/ Frame 3516 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=2665707921651158563&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=277208876&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=uffdafdut&e=1535582086632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame AFC9 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
a2084956-8bc1-48a4-9641-21ebdbd88981
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E364 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
bc19f3c9-7eb0-4048-8c1a-1f1208743087
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 46F5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame E9E2 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1079 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11153&pub_id=2164665
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bidstream/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53032
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:24 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271670
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876445.806719,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame A6EE 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&e=wqT_3QKMDfBMjAYAAAMA1gAFAQjXnpudBhCY-dHlqLS6zlwYja-4qpOZ7ppWKjYJehSuR-F6lD8RINJvXwfOiT8ZAAAA4HoU5j8hINJvXwfOiT8pexQJJNAxAAAAQOF6pD8w5a3IDDiRV0CrWkgCUIqI5WNYsPOfAWAAaLDSwQF4tNgFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDM4ODc3OSwgMCk7dWYoJ2knLCAzODQxMTY3LCAwKQUULGcnLCAxMTEwNTI1NxUpAGMFKRQ4MDczMjYVFSxyJywgMjA5MjczODYJFvC2kgKxBCFEMmhHeGdpZXpzQVNFSXFJNVdNWUFDQ3c4NThCTUFFNEFFQUFTS3RhVU9XdHlBeFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQkkwY0hxbXRNa3pfQkFkYmFYT2poZXBRX3lRRUFBQUFBQUFEd1A5a0JTRE1XVFdjbjdqX2dBWS01NmdIMUFRclhvenlZQWdDZ0FnSzFBZ0FBQUFDOUFnATnwi0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWpzaS1KeEFFR0FFdHZSeXJPYUlERXdqU2xPSWdFQW9ZQVMzckhZNF9NZ04xYm5HNkF3bEdVa0V4T2pVMk9EbmdBNGd3Z0FTOTNNQURpQVNYM2NBRGtBUUFtQVFFd1FRQUFBAZAUQUFBTWtFAQcJARhEWUJBRHhCCQ0FARxpQVc1TEtrRgUNIEFBQThELXhCUQEKCQEId1FVCQkBAQBNLigABF9SLigAADIVKPBDRHdQLUFGMEFfd0Jlbm5wUVg0QmF2dml3S0NCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJuc1Vya2ZoZXBRX3FBWUVzZ1lrQ1EBbQkBAEUdjABHHQwASR0MOHVBWUuaApkBIWloVUtJdzY1AthzUE9mQVNBQUtBQXhleFN1Ui1GNmxEODZDVVpTUVRFNk5UWTRPVUNJTUVsSU14Wk5aeWZ1UDFFCX4BAQRGawEGCQEARz1MAEcdGABIHRgMSGdBaS5JAvB5dy4u2AIA4ALfl1XqAktodHRwczovL2ZvcndhcmQuY29tL25ld3MvNTI5MTMwL2dlb3JnZS1zYW50b3MtamV3aXNoLWxpZS1nZW5lYWxvZ3ktcmVjb3Jkcy_yAhEKBkFEVl9JRBIHNDM4ODc3OfICEgoGQ1BHX0lEEghxgWTyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZCAczOIUCAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wmgEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTE1NjMjRlJBMTo1Njg52gQCCAHgBAHwBIqI5WOIBQGYBQCgBf______AQUYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFxgX6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa1RNoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7TYBdIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=1b57113653ca3f75c675518d9e9c677a121d1dc6&bdref=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F,https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F,https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bidstream/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
0422f369-6dc4-4833-8e94-f22efe0bd7e5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6af8f7e7-0fa4-4671-8569-8f88c1461a10.jpg
crcdn01.adnxs.com/creative/p/11563/2020/2/21/16809493/ Frame A6EE 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs.com/creative/p/11563/2020/2/21/16809493/6af8f7e7-0fa4-4671-8569-8f88c1461a10.jpg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bidstream/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
18ff02e2a023fdcf2568a3bcda7d922fd5eebb938ef45eb28888fdb14820fd48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 21 Dec 2022 05:16:39 GMT
Date
Sat, 24 Dec 2022 10:07:24 GMT
Via
1.1 varnish, 1.1 varnish
x-amz-request-id
aa9fe2fc-ea61-488e-82bb-a14e1bec7772
Age
4164645
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
106510
X-Served-By
cache-lga21924-LGA, cache-hhn-etou8220047-HHN
Last-Modified
Fri, 21 Feb 2020 15:49:27 GMT
Server
nginx/1.21.3
X-Timer
S1671876445.893745,VS0,VE0
ETag
"c8c612a1acf039fbf24119d173e13937"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Clv-Request-Id
aa9fe2fc-ea61-488e-82bb-a14e1bec7772
Cache-Control
max-age=3888000
Accept-Ranges
bytes
X-Clv-S3-Version
2.5
X-Cache-Hits
86, 86
trk.js
cdn.adnxs.com/v/s/231/ Frame A6EE 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bidstream/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575131
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876445.811336,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166503
it
fra1-ib.adnxs.com/ Frame A6EE 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252Fnews%252F529130%252Fgeorge-santos-jewish-lie-genealogy-records%252F&e=wqT_3QKFC_BMhQUAAAMA1gAFAQjXnpudBhCY-dHlqLS6zlwYja-4qpOZ7ppWKjYJehSuR-F6lD8RINJvXwfOiT8ZAAAA4HoU5j8hINJvXwfOiT8pexQJJNAxAAAAQOF6pD8w5a3IDDiRV0CrWkgCUIqI5WNYsPOfAWAAaLDSwQF4tNgFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDM4ODc3OSwgMCk7dWYoJ2knLCAzODQxMTY3LCAwKQUULGcnLCAxMTEwNTI1NxUpAGMFKRQ4MDczMjYVFSxyJywgMjA5MjczODYJFvC2kgKxBCFEMmhHeGdpZXpzQVNFSXFJNVdNWUFDQ3c4NThCTUFFNEFFQUFTS3RhVU9XdHlBeFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQkkwY0hxbXRNa3pfQkFkYmFYT2poZXBRX3lRRUFBQUFBQUFEd1A5a0JTRE1XVFdjbjdqX2dBWS01NmdIMUFRclhvenlZQWdDZ0FnSzFBZ0FBQUFDOUFnATnwi0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWpzaS1KeEFFR0FFdHZSeXJPYUlERXdqU2xPSWdFQW9ZQVMzckhZNF9NZ04xYm5HNkF3bEdVa0V4T2pVMk9EbmdBNGd3Z0FTOTNNQURpQVNYM2NBRGtBUUFtQVFFd1FRQUFBAZAUQUFBTWtFAQcJARhEWUJBRHhCCQ0FARxpQVc1TEtrRgUNIEFBQThELXhCUQEKCQEId1FVCQkBAQBNLigABF9SLigAADIVKPBDRHdQLUFGMEFfd0Jlbm5wUVg0QmF2dml3S0NCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJuc1Vya2ZoZXBRX3FBWUVzZ1lrQ1EBbQkBAEUdjABHHQwASR0MOHVBWUuaApkBIWloVUtJdzY1AthzUE9mQVNBQUtBQXhleFN1Ui1GNmxEODZDVVpTUVRFNk5UWTRPVUNJTUVsSU14Wk5aeWZ1UDFFCX4BAQRGawEGCQEARz1MAEcdGABIHRgMSGdBaS5JAvQ-AXcuLtgCAOAC35dV6gJLaHR0cHM6Ly9mb3J3YXJkLmNvbS9uZXdzLzUyOTEzMC9nZW9yZ2Utc2FudG9zLWpld2lzaC1saWUtZ2VuZWFsb2d5LXJlY29yZHMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTE1NjMjRlJBMTo1Njg52gQCCAHgBAHwBIqI5WOIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa1RNoGFgoQAAABQRkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHtNgF0gcNCREoASYM2gcGCAUJaOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=59660755ef0a7bbd3bcf6c0577f8fc08d1a9185f
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/bidstream/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
143b0625-a04e-41bd-9416-e9e4021f9314
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 2670 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:24 GMT
ca
choices.truste.com/ Frame BE2C 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=24120111&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
9590acb087a19a45cabb3fdd511b27659fbdcc04735f3edfe60b24c735847bc8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8034
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
Gn_Bavm8MLB5nT2WdZZXiylHNqCPPmYfRKRu17_LJ_EW8aEHJrnI-A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE2C 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:24 GMT
index.html
s0.2mdn.net/sadbundle/8820714032462456054/ Frame CB79 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03c8d45bda14da74c40e647a1c5e3f8e0c381654ced48a41ffdf3654f2bc8eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
162611
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4382
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 12:57:13 GMT
expires
Fri, 22 Dec 2023 12:57:13 GMT
last-modified
Sat, 05 Sep 2020 03:40:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BE2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstaSu3pK-JO0j3ia0tBa7DPtDwK5x4Ms8F8cqar0ytpgT3oY0jV7FaYRvCFQ_3IkbajHdvaywgia_N01ylMNs5dK5pvlAFU8LAGQSzxafZvfvuCUIX6SU3fxYyKmRKHYUVqcrq78uSfzmJIuaxshTSXvZnjYQ&sai=AMfl-YTBgmHiJM-aCF2mTG2f7pMdsi5khxB1mGSoqZ3EOYRmK_ouZxCAlHv8rTjd0ClbyXNiYOoH4y4-IFhpQ7eaigwngKdAdPi1J-yAHGGg&sig=Cg0ArKJSzPFs1f_Tqf2MEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3061&cbvp=1&cstd=3059&cisv=r20221207.53954&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:24 GMT
dcm
beacon.sojern.com/imp/ Frame BE2C 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=2515534623547100295&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=240664030&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cqjing&e=1535582086632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame A5A1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c1c4a0063d58dead3980f1fdab8b1dc3069aa54801e0d25c77051b983cbb38

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a438939a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDDwuV6%2FsLSZxwabJe32KKz7VOAvYVb%2BtJ5ogY59ItQQJNsbnQodEEVic2RjSB%2FFKF2131hIFksZSDImtP656ham3C81q3tfRXt21O2XbLX0nkstf0496fGm0%2FiriH%2BtZQVixvgCON9Btg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
current
prebid-match.dotomi.com/match/bounce/ Frame 2249 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:24 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame EBA2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca421d1427eb6067f9d9fc6fd7c8def7df22fc4eb1630bc567cacd93718dfa62

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a448af9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myf6VRYyTG%2FmaOZWmK7WkG6kPkNj%2B8sgt%2BYRxE3LgUFWUdY5X19R%2FRlsI7aRWdfAodDBBtqtws7yb0Lcpv8AkKCs3Hs6FWpsfo4t440KvTuSmGhWazj9F%2BNQf8I%2FOCBmPgTVhWi7AyJzvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame D5D6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aa0445ae330e3ac49de5e277a5b7c036c5fa3571ff145434c0b9ad545c5cea4

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a448bb9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47wGp1OrgufoGy73G5UOwQZ%2FM0UIk%2BtC40PuhSlMIWzkT%2BB83uKpr%2BfFq36Og22LOeMJxHVS6qT%2BRpZiIfadS0U8HvDvvo1TaiAn2B8lvga8SOkxy8ej1txp8YkgacCNjhpLVDja9sJd%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 83E7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad3437f02c71f81ecc28dbac6b081b02443737772e46e52171c76bfebd04464

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a458c29a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Flds%2BzY8%2BcWatDFVWZAchLCtHXjniT8Ss4R6JdoCTvbBqRg4Jjbwj%2Bc2OZIn%2BCfE0lxCQOs50UDBe7YkuIvanGmpvTU%2Fodd7NIx%2BYnwRypH4GC0HSNbJbFmFFm1%2F9c7S%2BFM%2FEda7CulxkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame E0B7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba25cadaafc9c379029938b3c918e244c2a2f8d53778e4cb7cb919b0ff032eff

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a458c99a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCe19iDbq9j1HDUsvWMeo2dnmeOZynpw63wUheWk%2FalFDdACM2E%2Bl5SQCUvFPvO9t5rIoKKPPU9xZrKhRSTYGd0Wqlwpe3JoGPMmaUGJOXocrMLSuDYcTxqJKpJ4AAqx1HWVKD0lLqmZPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j5keZXxqTHhQSW9SeVMzRDgwa2lrMFN0azRWTWh6SE5rREVCdkxMUy80ZjlIR2lIR2FObW1jTDRwdm52OFAyR2ZYTURpVkNjVy9hUm5RVzUrMm1QUXY4N3FPVi9Nd2YyOUo0TG1SSElZZFFpU0tkL0NSbGI1UmozckVDYzB3OWFTMWYxbWZKVld0NDRpemk4Um9QYXZpUmYyRUIrUUlnMjJnVjdNdGZnOHErWDFyQzRpVGxzUVM0TkY2dFhaRmtSbnJxUUlTdHhpMC9YZm03K09OOUcyK2FQSnpCSE9nY09yWnNOZDNPMWIzWmpCRUJFPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 10:07:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
543693
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=M3jHYXxWa21DS1pjNGpyOU1kd21xNjNGcFJMcHgyRWQzbWVDSmUvYzF2VTcxbS9oQnRpZUU5Rm1QejUyQ2dISzBUazNKMm55cHNmM2gvRVdNWEl2QWhrMW4xM3ZxMHFqMUVIbnVvYkIwTjh2bER6SVVtc3JhRmtKZG5POVhLdkFILzY0ZURpMFV3T000emFzbjJRQ0JqcjJ1MGxZMXNCNUxpcFV4WmErT3AyQzRpOUwvWUlzbC8zbGxuVVFIeWNKS2xFTG5PR3dMR0JraFRZckd4NkhBRFpDenFaTWJMaUNyM0Y1UlBMRytNcXhkOEQ0PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 10:07:23 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
409000
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 0F38 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 2DF3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64192
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 4B98 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:24 GMT
vevent
fra1-ib.adnxs.com/ Frame 8529 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCn0NGXgqud83UYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBePzFBIABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFsMy01WUFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeU9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYa001Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS14WXEyZzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo2NjI42gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_zFBNIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=e4de142119f63addac31fef0c1df0a5e220d2784&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=1425382271713132305&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:24 GMT
AN-X-Request-Uuid
84799348-faae-4f27-86ef-3a6d5c74c108
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ad-events.flashtalking.com/state/6162252;3290827;27933064;271;08C6B1A4-0C19-0FD9-A591-55C1C72C73EC/ Frame 90BF 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;27933064;271;08C6B1A4-0C19-0FD9-A591-55C1C72C73EC/?cachebuster=75397674
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 90BF 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-304-0-547122A6DAD0A9-43005853
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:25 GMT
/
ad-events.flashtalking.com/state/6162252;3290827;27933064;271;48D3A557-68A6-8D42-C594-E5DCC71D51C1/ Frame A931 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;27933064;271;48D3A557-68A6-8D42-C594-E5DCC71D51C1/?cachebuster=82264977
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame A931 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-304-0-5471574181B1AC-736954582
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:25 GMT
/
ad-events.flashtalking.com/state/6162252;3290827;27933064;271;062B2D6B-C322-653D-79BD-48F6180EDBCC/ Frame 9393 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;27933064;271;062B2D6B-C322-653D-79BD-48F6180EDBCC/?cachebuster=192513613
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 9393 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-304-0-5471DFEB9852E9-650935302
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:25 GMT
/
ad-events.flashtalking.com/state/6162252;3290827;27933064;271;64780DE7-7428-062E-8D86-55B77494830D/ Frame 9936 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;27933064;271;64780DE7-7428-062E-8D86-55B77494830D/?cachebuster=167220417
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 9936 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-304-0-5471A9AE0470D9-343203425
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4B98 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:25 GMT
viewability
hal900010.redintelligence.net/ Frame 2AEF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=44963500034056600951421012183010&a=ea4f5abd&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame F77A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64191
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
async_usersync
ib.adnxs.com/ Frame DE4F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
a95c5108-a7ef-4e9c-9e1e-d47deaacbb91
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 959A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64191
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
/
ad-events.flashtalking.com/state/6162252;3290827;27933064;271;505AF455-0923-7DDF-0D34-3B46E617C7BA/ Frame 96B2 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;27933064;271;505AF455-0923-7DDF-0D34-3B46E617C7BA/?cachebuster=981416866
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 96B2 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-304-0-54719C407437AC-921305538
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7A1C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08871ed7fb645682a93bddd73649efb40e662ed4900744e6c3e9c2b2a62d579

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a60b9d9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pBg5XnnhPkfca0zsiYwdhkdB98wmpb9NN39LOeNCtWWE54XPr3aPwB20aZVHQzecNj2cok8GT%2Bhfshkb9iRtAztdEGIBw1UmHL53wGhI1sTZ7cZ%2F9ITuqA6bEhjSgOYBF%2B6n96mPzJOHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame ED16 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
8fdf6389-7491-4475-ab72-75e9d0f6a0c8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5D6B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e6844c5969679d45f013455dd5a59ae880cdf8c2657d9bd7dc03bd4ea067e9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a60ba99a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mb6pUC6xh0cr5LA1Q2LCAOccku6kPl6CbDw%2BHnKwqzshpxxkaoD08hN91zj2oUyc4Xjf2pRk4sYFc06TjmDoRyxQ1znkkYzpXKZVUB4DQjf%2BK5Fal%2BfF%2B1OwZX6y0QqfDv7f5KyuzCb2PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 3F22 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
2eb6593b-456c-4aea-8bbf-d5cdeabca17c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A0B6 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
92c2806d-decc-4983-8a9b-cb1c77edacbd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 3B7F 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=44963500034056600951421012183010&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 08:50:11 GMT
content-encoding
gzip
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
4635
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XsIRIPP7fsJY6YNONZGH_cvULHg3fO4SuqlR0dHj5Xy6EIrzIOGHUg==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 3B7F 		85 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1671876741&Signature=cB4m6-Hf~n6Bdq6wHVCAhpIIqhSsSAvKjNW9zpyf3r1TyoKWbNHb0-5O3OFkvPRxRFenXyFx8l5HXGaVW6xn7W8OOdWGa8U-2Ug0PWUPzv9IG9fFSeb-xbA13-zT6q9qcokLlFN0j5vBhcHX4HPhZdxdUq31p6ejG21Jg0qpQ-a73LI4mKHfRrk3YotSPxEXuuLNAtl~o9FPyJqNTRaeJhGVPbpCM0Z7Ct~hEvVVH0~b86BeisqQr7vEUX3WhyPfXjU5xZAoPIjfDqPO4VMCvUOPBVAYYk~2AVPJxbTI2pL0iCfLikXBdKcp1WmHmEg8IWwB1jJ3tQ5Xn1sC1-iuYQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=snklkezbm&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-124.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 24 Dec 2022 05:03:03 GMT
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
18295
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
NABrZ9wdC5O8EiynLB2pyFW8ZZEA95DKDGMG18GAxXwKTOfmBDp7uw==
ixmatch.html
js-sec.indexww.com/um/ Frame 41E9 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
415
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887a62a412bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Sat, 24 Dec 2022 14:07:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 374D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271675
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876445.166653,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0988 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame AB2E 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 8B0E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdc068fde4ea17c7dc0588ac9b8bb12554aa330ae5d0b1dc5581e9c70e16898

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a63beb9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eyp8bH1nRGYNNxErp%2FjZXbyUyqEev6OWg5soBLoUcvsw6t12u9SgROCLg5lRgmOUuTx4UeKqZN6UZuknpQ14WlEO%2B8vXnJsj%2BDjfErjUZd%2BiKTaWK2%2BF%2BgQBDi9yCsP8w%2F7aqdEAg8mVgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame EBF8 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
415
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887a63a642bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Sat, 24 Dec 2022 14:07:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2682 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 812D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272324
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876445.160256,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7AF9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 6399 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc239d17579cc419deddd4872fc79152ad1dfa5923e699dfe6c53de1ab3a322b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a64c0c9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeysIZsKGCQcQW49dIrKnTpsW0FL1MNDMqya4xjNb69q3i5VqLCzzuNCY1hNfrCNsBxPooAfLz6glkvRiascZ59al1vxK%2BKTmMdl09bWijcCo%2FtahA78QLeU8PXmaPXqko04hPGWsdeLwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2DFE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
415
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887a64a682bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Sat, 24 Dec 2022 14:07:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 768A 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7838 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5F16 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270998
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer
S1671876445.162007,VS0,VE0
async_usersync
ib.adnxs.com/ Frame BC3F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
da5e473f-0132-47fa-a158-2a62b745136a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 88F4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a14792210367749345c8ef1ffb21b6ccaaa88c1c97b4ab527e9bcfca36c1aec4

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a64c329a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0KxJIjTclgk2y0Ew%2FbL30hhtfiTwlX7dv03hFuDOycj1eJKdpvwKAZGbfMoXVUYVyJx%2Bb1HLi46sN2d8TPoX6s3ZiQda8ydaLE8qF5jRlS4G%2F4wqgcs161oOwu22TBX4apgYwwb1%2Fe8Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame DD06 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
41c8fd53-1257-450f-898c-d349992df606
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 73DA 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCKxOyf8auWgzAYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeKSIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFqSC10V1FqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZeE9PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYYU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YQExnR0NnLi6aApkBIS1oYmoyPo0CEEo3TmZ5AbgEQXgRQixDRUE2Q1VaU1FURTYlkUBFQ0lNRWxJTXhaTlp5ZnVQMR1hAEYdeQhHRzQ1ZQAyHRgASB0wDEhnQWlFoQEB8NdEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjY2MTjaBAIIAeAEAfAEm9K2uQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBavvSfoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBv8L2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHpIgG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=451b0a67521beb866b4dd22de22d467732e97ae7&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=1425382271713132305&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
d6c22c4b-5ab6-4d1d-9af1-2220f2fc0727
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A3F6 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
2a182f7b-a523-4e7d-b164-0ec432eb2ee0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 36A3 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19518488&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b64c993616ae222736bfd1af517cfe652de1c881c1ac6ba16919b86b89da0d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 24 Dec 2022 10:07:24 GMT
content-length
1148
content-type
text/html; charset=UTF-8
ixmatch.html
js-sec.indexww.com/um/ Frame 74D3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
415
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887a66a932bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Sat, 24 Dec 2022 14:07:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 18E3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1298 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275587
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876445.187238,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 72DD 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 44BB 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
6b566cf8-4185-4987-90cd-85bcf0202461
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame E721 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
415
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887a66aaf2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Sat, 24 Dec 2022 14:07:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 17BB 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3349 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 267161
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220023-HHN
X-Timer
S1671876445.193181,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8029 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame B66A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e3c0bb74dd1d4eb4d82eb4f82003e456faa8e819f07375e5b2458e22988167

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a67c839a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b80tz%2BD%2FwXupWJWM32rdOhetKdh7dsqL75aUhOv3etGF%2BuUVie2KZ%2BjCzW0Gud5S50M3GLE4FvNVLUlPm33B7zd0bx7IV%2FWUxWr0lP3pkzdmH9ta7F8lQu9VYTlXpal9e6rGVpuE7UUucw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame A23E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d7f2e48cb51e9a06bb737207308308c5e71a61183b5d91ee37d60d22c1895a9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a68c959a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k58lanZX2Ak4%2B2D6wps515QNvZva59ALVYlS5JBxlb%2FaerxIBfULncR2oPqWHYAajdAc6aM96%2Bvb74PmxoVl0ary3Wl249RTDdfPicBu2xQ6LZItOiPI5gE7rGysIhlajs%2FKwOWIi8%2F%2F9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5C97 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F846 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3E31 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272325
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876445.218292,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 2035 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
415
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887a68aed2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Sat, 24 Dec 2022 14:07:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame C480 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c85712a9d7fab6a4454e714ca05a054e8450c7be9b936190ba9446113900839

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887a68ca69a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPKZ4Q%2FX6hQa%2FOiVSa39vrOqwoTDR5k1qR%2FsKo9xnf71K8jD9jANNZAuVu8c%2B%2Fid%2FREj5L6OgSvY%2FozdcotXSxSj%2F71prgWRAKyXtGxgWuL3vucr2oL6%2BsVtBfu3WRdnzEb41%2FMdyogpJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
vevent
fra1-ib.adnxs.com/ Frame DC10 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhDG_ozcv7WAugcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeLrZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRWC1ETGdqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM051QURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUUxaZ0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIV9oWUEydzqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAa0NJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo1Nzc22gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB7rZBdIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=e24a9954e4c56ab92b6ebd44df05d723a1c23889&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=1425382271713132305&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
3897103e-397c-4f54-bdc3-f27c6d2ffaa8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 57FA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4034008&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b64c993616ae222736bfd1af517cfe652de1c881c1ac6ba16919b86b89da0d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 24 Dec 2022 10:07:23 GMT
content-length
1148
content-type
text/html; charset=UTF-8
ixmatch.html
js-sec.indexww.com/um/ Frame E7C2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
415
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887a6ab242bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Sat, 24 Dec 2022 14:07:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5A09 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:25 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3EFE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271676
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876445.254306,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0668 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157695
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame BD49 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
2be36b16-af4d-43ac-b6bf-2d1bdfd8ec15
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FCBA 		374 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59092445&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2d83dc0d923bf620d0de3a019e7fed93afb7677e2dd79b1d05b2e9ed0f34c200

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 24 Dec 2022 10:07:24 GMT
content-length
374
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame FB04 		374 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40467991&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2d83dc0d923bf620d0de3a019e7fed93afb7677e2dd79b1d05b2e9ed0f34c200

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 24 Dec 2022 10:07:25 GMT
content-length
374
content-type
text/html; charset=UTF-8
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame FF5F 		95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Dec 2022 10:07:25 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
crum
dsum.casalemedia.com/ Frame FF5F
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=0
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8JrarsEdRE%2FfXwNLWhyMLodIIxTyLG1CHTktRc%2BNZxuFHdJcmxD6OgDt8uVcXSdWfy50KhePhGqIyvkmOWBcDgnMnzW2r4SNGyMib2MV6K4Qa7%2BsBVcCWaIeqjoHIMh08%2BYg7sm"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b639b5bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
ImgSync
image8.pubmatic.com/AdServer/ Frame FF5F 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156383
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:23 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
ad-events.flashtalking.com/state/6162252;3290827;27933064;271;B1C1D55F-C269-1920-7DF6-CB7D9C23B9A1/ Frame 3A7C 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;27933064;271;B1C1D55F-C269-1920-7DF6-CB7D9C23B9A1/?cachebuster=346302458
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 3A7C 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-304-0-54715E62DEC188-521007880
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:25 GMT
main.19.8.377.js
static.adsafeprotected.com/ Frame 3A7C 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930248&advId=1694368&campId=5249020&pubId=10264&chanId=1654713&placementId=7337&planId=17801719&adsafe_par&impId=5074709440084529340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Y-C9VyDutVy_-xBeYT40SX48N_6Qa0bmDqFAaRDyORrMp_p4RO9MMQ==
usync.js
eus.rubiconproject.com/ Frame DCA8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64191
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 84AB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64191
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 313F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64191
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 84EA 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 84EA 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=3877668616759209353&cr=273242068&seg=&st=0&bp=0.01343&pp=0.013426&aaid=&idfa=&ord=442990417
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 84EA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=442990417&sz=300x250&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
njNswdz_XYQMIEBZrFoS47hjUhMqFdLF5B4mZs11L-h6SZl-vDlgBw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 84EA 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575132
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876445.475476,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166505
it
fra1-ib.adnxs.com/ Frame 84EA 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKuCvSOAS4FAAADANYABQEI2p6bnQYQidvz1P7hj-g1GI2vuKqTme6aVio2CWZHU1_pfos_ESO1jMoHfoQ_GQAAAIAUruc_IQ8-JxW6f4Q_KeJASBYwgYs_MQAAAEDheoQ_MPmGhQw4mFBA6j9IAlDUr6WCAViezX9gAGix8pcBeMyGBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0ODE4MTIxLCAwKTt1ZignaScsIDU0NDMxMDksIDApO3VmKCdnJywgMTM5OTcyMDYsIDApO3VmKCdyJywgMjczMjQyMDY4LCAwKTuSAqUEIWFtYVQxZ2o0Z1pZWEVOU3ZwWUlCR0FBZ25zMV9NQUE0QUVBQVNPb19VUG1HaFF4WUFHQzlCbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCVTNzOEZkeC1pel9CQVZON1BCWGNmb3NfeVFFQUFBQUFBQUR3UDlrQg0NeEE4RF9nQWFXY3pBTDFBYzNNekQyWUFnQ2dBZ0cxQWcBJgRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pZMU5EbmdBNGd3Z0FUbzI4TUZpQVRwMjhNRmtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCWlV6cVFWSU14Wk5aeWZ1UDdFRhkgGERCQlpxWm0BAhRia195UVUFGxRTU19CUDkyKAAEWkIRZ8BQQV80QVdfQ3ZBRmxxbldCdmdGeVltbUFvSUdBMVZUUklnR0FKQUdBWmdHQUtFR21wBV4wWnVULW9CZ1N5QmlRSgVlCQEAUgkHBQEAWgUGCQEAaAkHAQFcQzRCZ28umgKZASE2QlVES1FqNGdaWVhFUSkoSjdOZnlBQUtBQXgZbVA4NkNVWlNRVEU2TmpVME9VQ0lNRWsBThhBQUFEd1AxPSQARhEYDEFBQUcRGAxEUVAyHRgASBEYHEFBQUhnQWlRERDw10R3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NjU0OdoEAggB4AQB8ATUr6WCAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAFyrsr-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG6CnaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfMhgbSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=3117b09484d45768b2e87352f2700d5a20f23134
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
279e4bda-19e8-4d7c-983d-68f3821287b8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 3D32 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 3D32 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=5584174140448221518&cr=240707633&seg=&st=0&bp=0.0107&pp=0.0107&aaid=&idfa=&ord=770950469
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 3D32 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=770950469&sz=300x250&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
jWpTiFOrEfwpVbNVUuznS4un3zDncVNBE03rUMdj1PIQ6w_aw2q6GA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 3D32 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575132
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876446.528187,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166506
it
fra1-ib.adnxs.com/ Frame 3D32 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKoCvBMKAUAAAMA1gAFAQjanpudBhDO0tqqtpm-v00Yja-4qpOZ7ppWKjYJJqCJsOHphT8R0S2rGP1UgD8ZAAAAgBSu5z8h0S2rGP1UgD8pJ6AJJPB5MQAAAEDheoQ_MPmGhQw4mFBA6j9IAlCx0ONyWJ7Nf2AAaLHylwF4x9gFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDQ4MjAyODcsIDApO3VmKCdpJywBFAw1ODQ5FRQsZycsIDEyNzM5MTM1FRUwcicsIDI0MDcwNzYzMwUW9BcBkgKlBCFpMmdSTXdpSmxOVVZFTEhRNDNJWUFDQ2V6WDh3QURnQVFBQkk2ajlRLVlhRkRGZ0FZTDBHYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFNWtZUWE4ZWlGUDhFQk9aR0VHdkhvaFRfSkFRQUFBQUFBQVBBXzJRRUFBQUFBQUFEd1AtQUItY1dtQXZVQnpjek1QWmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VaU1FURTZOVFEwT09BRGlEQ0FCTGo5eFFTSUJNNlN6QVNRQkFHWUJBRzZCQm9JaFFRUkFBQQGaEEEwRDhaBQkJARxnZ3NhTERzRRGtFEEwRF9KQgkcBQEUMkFRQThREdlgQUFBSWdGeUNxcEJVZ3pGazFuSi00X3NRVQEaCQEYTUVGbXBtWgECEHVUX0pCATscSUFzWTdzXzAuKAAITmtGCTHIQUE4RF9nQmE0SThBV194SWtHLUFXX21xWUNnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQhXLDEFBQmsZGABDHRhETGdHQ2cuLpoClQEhOFJWdkpnNikCKG5zMV9JQUFvQURHGW1Mem9KUmxKQk1UbzFORFE0UUlnd1MB3QEBDFBBX1URDAxBQUFXHQwAWREMDE5BX2ERDAxBQUFjHQwQZUFDSkEREPD1UEFf2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo1NDQ42gQCCAHgBAHwBLHQ43KIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWlljT6BQQIABAAkAYAmAYAuAYAwQYABSUo8D_QBugp2gYWChAFEB0BdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHx9gF0gcNCREpASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=6fa758439b866ef900c56cda7cb99e5c61422877
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
e1b79d3d-6b4e-4362-a27b-ed95c6e97019
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ad-events.flashtalking.com/state/6162252;3290827;27933064;271;0C33F28B-D6D6-4206-3334-68C18AE84023/ Frame B5EE 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;27933064;271;0C33F28B-D6D6-4206-3334-68C18AE84023/?cachebuster=581532670
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame B5EE 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-304-0-547141C502C1FA-142014228
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:25 GMT
main.19.8.377.js
static.adsafeprotected.com/ Frame B5EE 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930248&advId=1694368&campId=5249020&pubId=10264&chanId=1654713&placementId=7337&planId=17801719&adsafe_par&impId=5752709546234191296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
4KOMkBx801Ete5Vn2wI6_ylTlR4lsrm0gtUpHW_Hwd3AI-L7i12Jhg==
usync.js
eus.rubiconproject.com/ Frame 398F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64191
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 6276 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 06:51:06 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F597 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cigritfmlj&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271681
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220080-HHN
X-Timer
S1671876446.567906,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 8045 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLhDPBMYQYAAAMA1gAFAQjVnpudBhDF_sm68eTDk0cYja-4qpOZ7ppWKjYJNZ2dDI6Shz8Ra67jT36RgT8ZAAAAgD0K7z8ha67jT36RgT8pNJ0JJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlDk-KKCAViezX9gAGix8pcBeOzQBIABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDUxNjcxOTksIDApO3VmKCdpJywgNTQ0MTYzORUULGcnLCAxMzk5MzU3MhUVMHInLCAyNzMyMDIyNzYFFvCLkgKlBCFMbWhNcUFqVjRKVVhFT1Q0b29JQkdBQWduczFfTUFBNEFFQUFTT29fVUplSGhReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQmR6YTNRV0tRaHpfQkFYYzJ0MEZpa0ljX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWVlUXpBTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pVMk9EWGdBNGd3Z0FTT3RNTUZpQVNRdE1NRmtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCYlVzcVFWSU14Wk5aeWZ1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFEZ2VYUzlQOTIoAARaQhFnwFBBXzRBWF9DUEFGNUl6V0J2Z0YzN0M3QW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMQEM0QmdvLpoCmQEhZVJaVFl3OikCKEo3TmZ5QUFLQUF4GW1QODZDVVpTUVRFNk5UWTROVUNJTUVrDVQMRHdQMT0kAEYRGAxBQUFHERgMRFFQMh0YAEgRGBhBQUFIZ0FpLj0C8EN3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSBzUxNjcxOTnyAhIKBkNQR19JRBIIMW0pRPICCgoFQ1BfSUQSATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQABEJIDxDT0RFEgU0NTc2NPICIwoIAVYFFBgXMDBrM3AwAQFMc2ViSHVBQUlfZGVfMPICCwoHQ1AJJRwA8gIQCgVJTwF1DAc1NDRhxhjyAh0KB0lPCSEMEjAwNg1GYHVkYkNXQUFZ8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo1Njg12gQCCAHgBAHwBOT4ooIBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBaTGKvoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0AboKdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB-zQBNIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=b39efedf569338913c74231286034f1ebeb6dec9&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcigritfmlj%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcigritfmlj%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cigritfmlj&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
df3030e6-3b51-48b9-b1d9-0ad6c4431d18
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 699A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fcxutwsyos&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53034
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 272329
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220072-HHN
X-Timer
S1671876446.584662,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 2F0C 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLbDPBMWwYAAAMA1gAFAQjWnpudBhC70IvWsNemgCEYja-4qpOZ7ppWKjYJMUJ4tHHEij8RIJMq4A7zgz8ZAAAAgD0K7z8hIJMq4A7zgz8pMUIJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCGrN9yWJ7Nf2AAaLHylwF4yoQGgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNDgxOTI1OCwgMCk7dWYoJ2knLCA1NDQxNjc5LBEUMGcnLCAxMzk5Mzg0NiwRFShyJywgMjQwNjM3NA0W9BcBkgKlBCFwR2l1bHdqbjRwVVhFSWFzMzNJWUFDQ2V6WDh3QURnQVFBQkk2ajlRbDRlRkRGZ0FZTDBHYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFNmlZZEM2OGFLUDhFQk9vbUhRdXZHaWpfSkFRQUFBQUFBQVBBXzJRRUFBQUFBQUFEd1AtQUJqNUhNQXZVQnpjek1QWmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VaU1FURTZOak01TmVBRGlEQ0FCTXUyd3dXSUJNeTJ3d1dRQkFHWUJBRzZCQm9JaFFRUkFBQQGaEEEwRDhaBQkJARxnZ3NhTERzRRGtFEEwRF9KQgkcBQEUMkFRQThREdlgQUFBSWdGLXpHcEJVZ3pGazFuSi00X3NRVQEaCQEYTUVGbXBtWgECEHVUX0pCATscSUJTdk1BXzAuKAAITmtGCTHIQUE4RF9nQlpzSzhBWDJqdFlHLUFXNmtxWUNnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQhXLDEFBQmsZGABDHRhETGdHQ2cuLpoClQEhRGhZbU5BNikCKG5zMV9JQUFvQURHGW1Mem9KUmxKQk1UbzJNemsxUUlnd1MB3QEBDFBBX1URDAxBQUFXHQwAWREMDE5BX2ERDAxBQUFjHQwQZUFDSkERELhQQV_YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSB205NPICEgoGQ1BHX0lEEggxbSUY8gIKCgVDUAEUGAEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAARCSA8Q09ERRIFNDQ4MTLyAiMKCAFWBRQYFzAwazM5MAEBTHFremdUQUFRX2RlXzDyAgsKB0NQCSUcAPICEAoFSU8BdQAHbcIY8gIdCgdJTwkhDBIwMDYNRmBzN0pOQkFBMvICEwoPQ1VTVE9NX01PREVMAT0UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NjM5NdoEAggB4AQB8ASGrN9yiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAEMeAAA2AUB4AUB8AW0yij6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG6CnaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfKhAbSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=2dc33f10462c5cfcb4ea7116e923041e36257729&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dfcxutwsyos%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dfcxutwsyos%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fcxutwsyos&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
f64ce7d9-34e7-4a78-bbb5-0737f3dacf18
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7AE1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=uffdafdut&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275592
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876446.611342,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 3516 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLeDPBMXgYAAAMA1gAFAQjWnpudBhCjnNmHs-ef_yQYja-4qpOZ7ppWKjYJBdhHp658hj8Rb10a0GXCgD8ZAAAAgD0K7z8hb10a0GXCgD8pBtgJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCsvpeEAViezX9gAGix8pcBeMSIBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDQzNDA4MDIsIDApO3VmKCdpJywgMzgxMTU4MRUULGcnLCAxMTQxNjA4MxUVMHInLCAyNzcyMDg4NzYFFvCLkgKlBCFHR2ptUWdqZ3h2MFNFS3ktbDRRQkdBQWduczFfTUFBNEFFQUFTT29fVUplSGhReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQnRvNDZINlI3aGpfQkFiYU9PaC1rZTRZX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWYzUjZBSDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pZMk16RGdBNGd3Z0FUa2hjQURpQVNUNXRNRGtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCZVl6cVFWSU14Wk5aeWZ1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFCQWpCcThQOTIoAARaQhFnwFBBXzRBWEtDUEFGay1TNEJmZ0Z3dmlJQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMPEM0QmdvLpoCmQEhU1JhWVU-KQIoSjdOZnlBQUtBQXgZbVA4NkNVWlNRVEU2TmpZek1FQ0lNRWsNVAxEd1AxPSQARhEYDEFBQUcRGAxEUVAyHRgASBEYGEFBQUhnQWkuPQLwQ3cuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHNDM0MDgwMvICEgoGQ1BHX0lEEggxbSlE8gIKCgVDUF9JRBIBMPICDQoIATYMRlJFUREQHFJFTV9VU0VSBRAAEQkgPENPREUSBTUwNTQ18gIgCggBVgUUGBQwMGszcDABAUBzZWIzVEFBUV8x8gILCgdDUAkiHADyAhAKBUlPAXIMBzM4MWHDGPICHQoHSU8JIQwSMDA2DUNgdWRiMzVBQUHyAhMKD0NVU1RPTV9NT0RFTAE9FADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8LABMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOODE3MCNGUkExOjY2MzDaBAIIAeAEAfAErL6XhAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGCSQo8D_QBugp2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHxIgG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=a48d6428480caf89e10afa2e8c8bcf5f62389a19&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Duffdafdut%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Duffdafdut%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=uffdafdut&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
108f51bb-5a74-4f6f-b834-ae37dbb00a1c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 832F 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAKCN90Q9PME8W
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
7fnC0xP1SetsKtKpzqjHTWFnfaqJ+Ih/vEnk9lztgC8Pz8xmtvUBO+PlLvQu2YgZ9pLpvAaqMlU=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop133.fr8.t,1671876439.cds107.fr8.shn,1671876444.dop133.fr8.t,1671876445.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15898
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame 832F 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FL82Fqj4WccAuLIHra0MdROwRr69KKRdQE7FZOtLeIBiily3uR2R1cbTLd8Uwbq%2Fjr2VFSOUAUsGcJu4LQ3W%2Bj5DQ61S8R%2FDcga8q0%2FCkwdUYMQiXYn07CO5A36alHM2Du%2BUCxqdhHW3K%2FjotiIkdFmW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e887a9199e9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:25 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame 832F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop004.fr8.shc,1671876444.dop004.fr8.t,1671876445.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1095
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame DA7C 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAKCN90Q9PME8W
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
7fnC0xP1SetsKtKpzqjHTWFnfaqJ+Ih/vEnk9lztgC8Pz8xmtvUBO+PlLvQu2YgZ9pLpvAaqMlU=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876445.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15898
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame DA7C 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e3EgOBrxtsoaZTAyMVG6sg3FGyhRQV7170a7yJ0osbQfcpnXU%2BQy0jP25Bzn96yUrRzXAQt8mlyLICpXXj9XpT2v6FWWoFyOCWApFAg%2BblKolbnuEauPl77%2FlKwgulQ4NjVURHcUGyEui2OItDz5jWj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e887a949dc9b5b-FRA
expires
Thu, 14 Dec 2023 10:07:25 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame DA7C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876440.dop139.fr8.t,1671876445.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1095
Accept-Ranges
bytes
async_usersync
ib.adnxs.com/ Frame 7DD0 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
b98662a1-b436-47cc-8095-41493a9d7ab4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame B800 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhC82O_R09C2lC0Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMOIBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFrbjhGV3dqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpZek1PQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFYbU01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBITlCWkIyQTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFARUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkIR0c0NWUAMh0YAEgdMAxIZ0FpRaEBAfDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMxNjkjRlJBMTo2NjMw2gQCCAHgBAHwBJvStrkBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWr70n6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab_C9oGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8OIBtIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=0840faf76275c071da715622602648d07ad55da4&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=1425382271713132305&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
b3413873-2454-4a4a-8663-aa5cef90eeb5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1D9A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cqjing&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53033
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275594
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876446.670174,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame BE2C 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLbDPBMWwYAAAMA1gAFAQjWnpudBhCHmeLFmK2-9CIYja-4qpOZ7ppWKjYJ0ytlGeJYhz8R2iRB44JmgT8ZAAAAgD0K7z8h2iRB44JmgT8p0ysJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlDe--ByWJ7Nf2AAaLHylwF4mogGgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNDgyMDI3NCwgMCk7dWYoJ2knLCA0ODI1ODE0LBEUMGcnLCAxMjczODk2NywRFTByJywgMjQwNjY0MDMwBRb0FwGSAqUEIVlXa0hnQWkza3RVVkVONzc0SElZQUNDZXpYOHdBRGdBUUFCSTZqOVFsNGVGREZnQVlMMEdhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUdvVV8yX29WcUhQOEVCcUZQOXY2RmFoel9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQjFzV21BdlVCemN6TVBaZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBWUFEQVpnREFib0RDVVpTUVRFNk5qWXhOLUFEaURDQUJQRDh4UVNJQkxTUnpBU1FCQUdZQkFHNkJCb0loUVFSQUFBAZoQQTBEOFoFCQkBHGdnc2FMRHNFEa0UQTBEX0pCCRwFARQyQVFBOFER2WBBQUFJZ0YyVE9wQlVnekZrMW5KLTRfc1FVARoJARhNRUZtcG1aAQIQdVRfSkIBOxxFQkpNYjBfMC4oAAhOa0YJMchBQThEX2dCZlFJOEFXWHc0a0ctQVd5bXFZQ2dnWURWVk5FaUFZQWtBWUJtQVlBb1FhYW0FXjRtNVA2Z0dCTElHSkFrQRUBAEIVywxBQUJrFRcEQUMdGERMZ0dDZy4umgKVASFjUmJMV1E2KQIobnMxX0lBQW9BREcZbUx6b0pSbEpCTVRvMk5qRTNRSWd3UwHdAQEMUEFfVREMDEFBQVcdDABZEQwMTkFfYREMDEFBQWMdDBBlQUNKQREQuFBBX9gCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHbTk48gISCgZDUEdfSUQSCDEyaSUY8gIKCgVDUAEUGAEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAARCSA8Q09ERRIFNDU3ODjyAiMKCAFWBRQYFzAwazM5MAEBTHFmVEkxQUFNX2RlXzXyAgsKB0NQCSUcAPICEAoFSU8BdQAHbcIY8gIdCgdJTwkhDBIwMDYNRmBzeWNvRUFBUfICEwoPQ1VTVE9NX01PREVMAT0UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NjYxN9oEAggB4AQB8ATe--ByiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAEMeAAA2AUB4AUB8AWNvCn6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG6CnaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeaiAbSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=13b302d0f2c0d874cd8454794712578501c4fb35&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcqjing%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcqjing%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cqjing&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
70732999-f7ad-480f-a6e3-51c800b5af0f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
banner
ad2.adfarm1.adition.com/ Frame BCC6 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=2885601&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787252%5F17071377&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=2885601&gdpr=0&gdpr_consent=&ts=7180654637069372426&kid=5572862&keyword=PACS_4787252_17071377&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c4ee1c3fc85b6c8201462e13810e5a624a48664d974084571dd56ae2ddc3e70f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:25 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 3B7F 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLTCvBMUwUAAAMA1gAFAQjVnpudBhCp26f54pGY1xEYja-4qpOZ7ppWKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAgD0K7z8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzCXh4UMOJhQQB1ICFCZjru2AViezX9gAGix8pcBeLrXBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgPLBgqDBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VDFkYWEwOVVSVEJhVkdOMFRXcFdhVTlUTUhwYVIwMHpURlJCZDAxRVFYUk5SRUYzVFVSQmQwMUVRWGROUkVGM0x6WXdOakUzT0RjeU1qVXhNemN5TnpVd05TODJOakl5TkRBeEx6UTFOakl6TVRJdk1UTXZabFZ6ZGpNMldsaE5Za1ZJUW5veU5WQXdiR3hqWWtKblEwaHVhVFJTYmt4VFRqaHJaMUJ5VDNOVFRTOHhMekV6THpBdk1DODVOVFk0TURNdk1UTTFPRGc1TURnMk1DOHlNVFkxTXpZdk5qVXhPRGN4THpFdk1DOHdMMDFFUVhkTlJFRjNUVVJCZEUxRVFYZE5RekIzVFVSQmQweFVRWGROUkVGMFQFEBQxRVFYZE4V-Ax5OHdMCXwFCHROakEyTVRjNE56SXlOVEV6TnpJM05UQTFMM3B5YUMBJPC2RTVOUzgwTmk4NU9Ua3ZNekl5THpnd0xqSTFOUzQzTGpBdk1DNHdNREF2TVRZM01UZzNOalF6T0M4eE5qY3hPRGc1TURNNEx6RXpMekV3TWpZMEx3L3N5YlUzOVZjNTE1R3Q3NUJWRktQeFljVk9xVSZub2RlaWQ9Mzc0OSZncm91cD16cmgmYXVjdGlvbmlkPTYwNjE3ODcyMjUxMzcyNzUwNSZwYnNfYXVjdGlvbmlkPTYwNjE3NiEAHHNoYXJka2V5ThwA9EgBcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2FlZmlpYSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMzLjYwJnNpZD00NTYyMzEyJmNpZD02NjIyNDAxJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEjYwNjE3ODcyMjUxMzcyNzUwNRoTMTI3NDA2MTkwODM4NTMyODU1MyIJMzgyNjUwMTM3KgYxMDE5MzY6BzY2MjI0MDHAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASZjru2AYgFAZgFAKAFuu-T0O2bwfwUwAUAyQUAAAAAAADwP9IFCQkBCgEBcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3McgHutcF0gcNCRExAS8I2gcGAWdwGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=38d1097e9911c0c8c60539df27d3222436b8a25d&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
05ee8335-a144-4958-9e92-8a817d20b624
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 2415 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid.bidstreamserver.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: ads.bidstreamserver.com
URL: https://ads.bidstreamserver.com/js/prebid-bidstream-7.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame D9EF 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAKCN90Q9PME8W
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
7fnC0xP1SetsKtKpzqjHTWFnfaqJ+Ih/vEnk9lztgC8Pz8xmtvUBO+PlLvQu2YgZ9pLpvAaqMlU=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop231.fr8.t,1671876439.cds164.fr8.shn,1671876440.dop231.fr8.t,1671876445.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=15898
Accept-Ranges
bytes
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ Frame D9EF 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3254390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21169
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-e6bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8mW%2FuzkWOMEdrbK4Kc0VsOYBkgB%2FCXWVg4LJpEz9m17YdAoKpoHPi7uLmC%2Fj%2FLp%2Bt7EszlTE38uu8rt7oZlWImsMgP%2FY4JW68xnzE0gZuBQV%2FHxnvqTZy6GSJh1NGAyou61HmcmVbc6PUXpuEZCYgAQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e887aa2bd39b5b-FRA
expires
Thu, 14 Dec 2023 10:07:25 GMT
SplitText.min.js
cdn.flashtalking.com/129256/3290827/js/ Frame D9EF 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/js/SplitText.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
x-amz-request-id
CH7RYEJYASR0TWQY
Connection
Keep-Alive
Content-Length
5155
x-amz-id-2
ToveK1yM+HG+cG1mIOQYwajzQFZjC/KN/HX9Z7g2GuqgdegIIgHRJd6bCu3n7L6PIm2zC7bveBQ=
Last-Modified
Mon, 28 Dec 2020 13:38:21 GMT
ETag
"1609162701"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876439.dop139.fr8.t,1671876439.cds159.fr8.shn,1671876440.dop139.fr8.t,1671876445.cds274.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1095
Accept-Ranges
bytes
adition.js
imagesrv.adition.com/js/ Frame E4A3 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame E4A3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4787253&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=728x90&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=1169128554313985298&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)406782912[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8_Rxz1wmt_5D_H155ZEqDqPxKtptA5lDkQjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAlSQ4oQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABKf-gjJo5YaEMCH_MEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3MUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3NzE%3D%2Fbn%3D93239%2Fclickenc%3D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
a8a878bfcdb3c21269b705c923748850ac2d54fba507c752c6eb26ea766e93ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:25 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame E4A3 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575132
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220052-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876446.807824,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 2166507
it
fra1-ib.adnxs.com/ Frame E4A3 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QLQCvSsAlAFAAADANYABQEI2p6bnQYQktqahZ2H5ZwQGI2vuKqTme6aVio2CSh6igZ9OeA_EVWIjIk1-9g_GQAAAIA9Cu8_IUcc9cJrf-Q_KcfXnlkSoOo_MQAAAEDhepQ_MJeHhQw4mFBAsAlIAlDAh_zBAViezX9gAGix8pcBeLfYBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDk4MTE3MCwgMCk7dWYoJ2knLCA3ODgyNzMwLCAwKTt1ZignZycsIDE5ODg1NjI1LCAwKTt1ZigncycsIDI4MDg5MDY1OSwgMCk7dWYoJ3InLCA0MDY3ODI5MTIsIDApO5ICtQQhbTJqdjd3akpvNVlhRU1DSF9NRUJHQUFnbnMxX01BQTRBRUFBU0xBSlVKZUhoUXhZQUdDOUJtZ0FjQUo0QUlBQkNJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JKeHhCdnRjVzZUX0JBYlZjLUxJUG9Pb195UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWVxUDRRUDFBYmkyU0QtWUFnQ2dBZ0cxQWdBQUFBQzlBZ0FBQUFEQUFnYklBZ0RRQWdiWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEludDJ4SnhBQkdBSXRBQURBUUtJRERnaWUzYkVuRUFzWUFpMEFBTUJBdWdNSlJsSkJNVG8xTnpjeDRBT0lNSUFFMWVUd0NZZ0UzdVR3Q1pBRUFKZ0VBY0VFQUFBQUFBQUFBQURKQkFBQUFBQUFBQUFBMkFRQThRUUFBQUFBQUFBQUFJZ0ZpeTJZQmFPYS1JVUJxUVZJTXhaTlp5ZnVQN0VGQUFBQUFBQUFBQURCQlEFUVBBQUJoQXlRVUFBQUNnNUxuQVA5RUYNGhhBQUFEWkJRAQjIQUFBUEFfNEFXRWlnWHdCYm5jdlFuNEJiTHhPNElHQTBWVlVvZ0dCSkFHQVpnR0FLRUdBATQFASRDb0JnU3lCaVFKBQ8JAQBSCQcFAQBaBQYJAQBoCQcBAVhDNEJnby6aApkBIUFCS2YtZ2pKbzVZYVU5KEo3TmZ5QUFLQUF4AS8NAWQ2Q1VaU1FURTZOVGMzTVVDSU1FbElNeFpOWiEFBDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YEEhnQWlRERDwqkR3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjEyMDAjRlJBMTo1Nzcx2gQCCAHgBAHwBIUrIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBcoB-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AG8wPaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe32AXSBw0VYwEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=531f11e896e61ac6205c4b26db13460b24e7a103
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
bcae32c1-d166-4da3-90be-a400fd2f7544
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adv_jstag_2.js
cdn.advanseads.com/content_server/1.0/ Frame F51F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/content_server/1.0/adv_jstag_2.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70f7b6feaec4f65bae5e9eab6f60dbd1f08a96b90227a8559335e7be3d282a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:21 GMT
Content-Encoding
gzip
Via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
14
ETag
"378c88f7f21344870fc35df344e93ba3"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4214
X-Amz-Cf-Id
yFUXMaUqwSzmcINfgmtPTCFBx_d3SMEimDgE9UAPKPg_WhKLMzdkfg==
dcmads.js
www.googletagservices.com/dcm/ Frame F51F 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame F51F 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=7456801128598311661&cr=265671402&seg=&st=0&bp=0.01007&pp=0.01007&aaid=&idfa=&ord=111838169
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame F51F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=111838169&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
cy5T8pLOP4cxvr_9UFLFrmivN22jFsWULY-4PyPjoWRlgt8N2igyzA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame F51F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575133
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220027-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876446.814843,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1439444
it
fra1-ib.adnxs.com/ Frame F51F 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKmCvBMJgUAAAMA1gAFAQjanpudBhDtpdb25aP4vWcYja-4qpOZ7ppWKjYJcaJdhZSfhD8RYAXi96K9fj8ZAAAAgD0K7z8hYAXi96K9fj8pc6IJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlDqpdd-WJ7Nf2AAaLHylwF4xNYFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjkzNjU4MywgMCk7dWYoJ2knLCA0ODA2NTgxLBEUMGcnLCAxMjcwMDE4MSwRFTByJywgMjY1NjcxNDAyBRb0FwGSAqUEITFtWlBHQWpGc2RBVkVPcWwxMzRZQUNDZXpYOHdBRGdBUUFCSTZqOVFsNGVGREZnQVlMMEdhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUdFSWNwY0ZxR0VQOEVCaENIS1hCYWhoRF9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQnRhLWxBdlVCemN6TVBaZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBWUFEQVpnREFib0RDVVpTUVRFNk5UTXdOdUFEaURDQUJOajl3Z1NJQlBXY3lRU1FCQUdZQkFHNkJCb0loUVFSQUFBAZoQQTBEOFoFCQkBHGdnc2FMRHNFEa0UQTBEX0pCCRwFARQyQVFBOFER2WBBQUFJZ0Z1aW1wQlVnekZrMW5KLTRfc1FVARoJARhNRUZtcG1aAQIQdVRfSkIBOxxDQmJ5YmtfMC4oAAhOa0YJMchBQThEX2dCZThIOEFXVmxJY0ctQVdIbnJNQmdnWURWVk5FaUFZQWtBWUJtQVlBb1FhYW0FXjBtNVA2Z0dCTElHSkFrEUsIQUFCFcsMQUFCaxkYAEMdGEBMZ0dDZy4umgKVASFUQmJaVDopAihuczFfSUFBb0FERxltTHpvSlJsSkJNVG8xTXpBMlFJZ3dTAd0BAQxQQV9VEQwMQUFBVx0MAFkRDAxOQV9hEQwMQUFBYx0MEGVBQ0pBERDw0FBBX9gCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo1MzA22gQCCAHgBAHwBOql136IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAACQ5w2AUB4AUB8AWaxBj6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG6CnaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfE1gXSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=7edfea02dbba676114808c864f139f70dcf509f6
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
235d0a56-65c3-4a25-bfec-397a882609f9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 6F84 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKIFfBMiAoAAAMA1gAFAQjWnpudBhDU-5fFl8vevT4Yja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeL7ZBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgLpDiFOMjVRbVFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TlRjM09lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVNxQktZSENQX19fX19fX19fX193RVFfX19fX19fX19fX19BUmpfX19fX18FIww4QklQBQkJARR3RW9DREQJDAUBCDhCTzIgAARGQQUXDQEIQVVqDQoBAQg4QlU2LAAAWQEWEQEEQVc2WAAAYTYsAAB3ESgBARhBWGdCZ0FIAQsNAQg4Qmk6EAAAazoQACBtQUh3MHBJQm86GAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAIDBBSDVob1VNMjoYAAA0OhAAADY6EAAAODoQABwtQUc1Qm9BQw3hBQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4VAiEANhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAQZUFEQU86FAAAZjo0AABmOiAACFlBRSXtDQEIQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUYN-wUBCEFZZzYQAABaOiAAAFo6IACYYklFQ1FpLTZoRVFuOXlrRGJvRUdRanRDQkc0SG9YclViaWVQeGtBoaoFAVRDQy02aEhCQkxnZWhldFJ1SjRfeVFRBRsFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVc2bmV1RUFha0ZTRE3NJAgteEIdOwh3UVUFMgUBCE1rRgEIHG9BdHE2VF9SLigAADIVKMBEd1AtQUZ5d1h3QmF2MmpRbjRCY3lFa3dLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAVM0QUFBaEFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDh1QVlLmgKZASFBUmZTMnc6bQcoSjdOZnlBQUtBQXgBZwEBLENFQTZDVVpTUVRFNsVxQFVDSU1FbElNeFpOWnlmdVAxPSwARj1pAEc9gQAyHRgASB0wDEhnQWnlgQEB8NdEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzE2OSNGUkExOjU3NznaBAIIAeAEAfAEm9K2uQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBavvSfoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBv8L2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHvtkF0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=b0c88da3c29f5faeb5eab73393b8f1c3b9534a8e&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=0.65&sid=1425382271713132305&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
9b7267d3-59a3-437f-83c8-c6cbff1264f4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1352 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
a7e58cbf-0fcc-43a3-ba9a-dee51a1fbb11
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 83CA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4242739698c2f3110de5167132d4544e0011514068fcb5d7d86d1a89bcd8a30f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887aa6b969a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgl2trlN7vXOEHzRnkeCSSqgZZNy6Gcq5fMWiOYGM6yeUKpIE89xIzFsyMwzutfWd%2B5PG6ulIC%2BWpTwrASIiqAP6hu0vdn0ZGL6IyOyrKjJvWprPSgxZhcw41vLg8Xsys%2B0fHqQepd5XvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame B4FB 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
1824693c-ad25-4340-91a9-c2da250304c6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
e679d3fffbc33a58b9ed513096866bfa.js
s0.2mdn.net/sadbundle/2776815936793873956/ Frame 703C 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2776815936793873956/e679d3fffbc33a58b9ed513096866bfa.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d31be8e697dc47c0f181a418be8db313d095a0311ea96c25bb24a2905e7ce20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 08:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5157
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19263
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 10:31:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Dec 2023 08:41:28 GMT
4d684d06a5ab2eaa1dd91864ea416638.js
s0.2mdn.net/sadbundle/8627345791007471973/ Frame 0E58 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8627345791007471973/4d684d06a5ab2eaa1dd91864ea416638.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
863d5aaf2f72d62bdfae3724f7b12f0b52961c3990618beaad0e143f07c7bb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 00:42:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552276
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 14:09:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 00:42:49 GMT
banner
ad2.adfarm1.adition.com/ Frame 9A69 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=2885601&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787252%5F17071377&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=2885601&gdpr=0&gdpr_consent=&ts=7180654637074942986&kid=5572862&keyword=PACS_4787252_17071377&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
56d69635dc1d2e540b43cd4bdc61d6a269497c184d41516b7d48625c5e7c5a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:25 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5A5E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adfc18322b091bcd55ca8835a1bf8f98f6aa8b872b5296ad22987309c1029aa3

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887aacc5a9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FMFwuKQddVvm4Apk1QnJCWovbwxkbmc3yqUGi8LeBhwZVt0dTz%2BzKF6br35V3%2FoJm8VQKbbEx72y8U7ssWeV%2FpefOSowFocLbcsyhZ0osLsvlLuiLWtVHwxmwjPUUhaMDAjrpPNBSW5zA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dcmads.js
www.googletagservices.com/dcm/ Frame 07FC 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:31:54 GMT
apn
beacon.sojern.com/imp/ Frame 07FC 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=2676217695102160909&cr=271391539&seg=&st=0&bp=0.01188&pp=0.01188&aaid=&idfa=&ord=1841393452
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 07FC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1841393452&sz=728x90&js=st_dapp
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
TnN1BwmLVdLpkDqjTuYBdhJa92U0hPhLgY3XOcz1e__P6COU49kkog==
expires
Mon, 26 Jul 1997 05:00:00 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 07FC 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Wed, 06 Dec 2023 04:35:13 GMT
Date
Sat, 24 Dec 2022 10:07:25 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1575133
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga13620-LGA, cache-hhn-etou8220027-HHN
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1671876446.907006,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 1439445
it
fra1-ib.adnxs.com/ Frame 07FC 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fforward.com%252F&e=wqT_3QKsCvBMLAUAAAMA1gAFAQjanpudBhCNoLeRiLr1kSUYja-4qpOZ7ppWKjYJv9TPm4pUiD8RxAiS1BEigj8ZAAAAgD0K7z8hxAiS1BEigj8pv9QJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCztrSBAViezX9gAGix8pcBeLPYBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDUyMDA4NzksIDApO3VmKCdpJywgNTQwNTU3MRUULGcnLCAxMzkxMzE3NBUVFHInLCAyNwEXCDUzOQUW8IuSAqUEITlHaUp4d2pZclpBWEVMTzJ0SUVCR0FBZ25zMV9NQUE0QUVBQVNPb19VSmVIaFF4WUFHQzlCbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCX0w1LXJncFhpRF9CQWZ5LWZxNEtWNGdfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBWVAzeVFMMUFjM016RDJZQWdDZ0FnRzFBZwEjBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsR1VrRXhPalUyT0RuZ0E0Z3dnQVQ1cmJ3RmlBU3VycndGa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJia3NxUVZJTXhaTlp5ZnVQN0VGGSAYREJCWnFabQECQGJrX3lRVUFBQUJnekd5LVA5MigABFpCEWfAUEFfNEFXa0NmQUYxcGpSQnZnRjc3ZTlBb0lHQTFWVFJJZ0dBSkFHQVpnR0FLRUdtcAVeMFp1VC1vQmdTeUJpUUoZgARBUh0MAFodDABoGQw8QzRCZ28umgKZASE1aFdXSj4pAihKN05meUFBS0FBeBltUDg2Q1VaU1FURTZOVFk0T1VDSU1Faw1UDER3UDE9JABGERgMQUFBRxEYDERRUDIdGABIERgYQUFBSGdBaS49AvD1dy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOODE3MCNGUkExOjU2ODnaBAIIAeAEAfAEs7a0gQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWGyzL6BQQIABAAkAYAmAYAuAYAwQYABSUo8D_QBugp2gYWChAFEB0BdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHs9gF0gcNCREpASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=7dd71d0b23a1394ae78a34dd6b58d49fcf78d52f
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
284b2e53-eb31-44d8-b35a-098dbbb04a8b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
get
choices.trustarc.com/ Frame 482F 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 26 Nov 2022 06:26:51 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
age
2432434
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
q_YMEQ0iO5xow9N_v6vFM-8d28Z__lKeBXUYYhgY_K9ndtDK-_YloQ==
expires
Mon, 26 Dec 2022 06:26:51 GMT
02307416-3f11-43e3-88c1-3faa45543ca7.jpg
crcdn01.adnxs-simple.com/creative/p/1200/2022/12/16/42090761/ Frame 482F 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/1200/2022/12/16/42090761/02307416-3f11-43e3-88c1-3faa45543ca7.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
3e724c0b5720d62b93d42d319a0002710a01cec39a97edd541a537b5320586de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:26 GMT
Last-Modified
Fri, 16 Dec 2022 09:04:38 GMT
Server
nginx/1.21.3
x-amz-request-id
b0a442fc-6e69-4ff3-9507-babfe54ad896
ETag
"bc21a3a99897191d1b57376fa64fc580"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Clv-Request-Id
b0a442fc-6e69-4ff3-9507-babfe54ad896
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88085
X-Clv-S3-Version
2.5
Expires
Tue, 07 Feb 2023 10:07:26 GMT
1x1.gif
imagesrv.adition.com/ Frame 482F
Redirect Chain
  • https://ad2.adfarm1.adition.com/banner?sid=4003897&gdpr=0&gdpr_consent=&kid=5351030&bid=17041482&wpt=C&ts=[timestamp]&kw=PACS_4786773_17057692_pv
  • https://imagesrv.adition.com/1x1.gif
68 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:26 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:25 +0100
server
ADITIONSERVER v1.0
etag
7180654654253370125
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
B28097828.340101237;dc_pre=COXXq42BkvwCFazjuwgdDcYEEQ;dc_trk_aid=532281391;dc_trk_cid=174379125;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/ Frame 482F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28097828.340101237;dc_trk_aid=532281391;dc_trk_cid=174379125;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28097828.340101237;dc_pre=COXXq42BkvwCFazjuwgdDcYEEQ;dc_trk_aid=532281391;dc_trk_cid=174379125;ord=[timestamp];dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28097828.340101237;dc_pre=COXXq42BkvwCFazjuwgdDcYEEQ;dc_trk_aid=532281391;dc_trk_cid=174379125;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:25 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28097828.340101237;dc_pre=COXXq42BkvwCFazjuwgdDcYEEQ;dc_trk_aid=532281391;dc_trk_cid=174379125;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.aspx
m.exactag.com/ Frame 482F 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=87&extPu=amexsbs-adition&extLi=5351030&extPm=4003897&extCr=17041482&gdpr=0&gdpr_consent=&rnd=INSERT_TIMESTAMP_HERE
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:25 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Sa, 24 Dez 2022 10:07:26 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1888
Expires
Mon, 26 Jul 1997 05:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1095724/64411017/ Frame 482F 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/rjss/st/1095724/64411017/skeleton.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:25 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
1x1.gif
imagesrv.adition.com/ Frame 482F
Redirect Chain
  • https://ad4.adfarm1.adition.com/banner?sid=4786773&kid=5389952&bid=17057692&wpt=C&ts=1256456132&gdpr=0&gdpr_consent=
  • https://imagesrv.adition.com/1x1.gif
68 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
H2
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:26 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:25 +0100
server
ADITIONSERVER v1.0
etag
7180654654255401994
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
it
fra1-ib.adnxs.com/ Frame 482F 		0
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLQCvDXUAUAAAMA1gAFAQjZnpudBhCx3IWL39ju2CsYja-4qpOZ7ppWKjYJnGYrGVRr4D8RA6HT7_JH2T8ZAAAAgD0K7z8h2LCF7V6_5D8piQyreCPz6j8xAAAAQOF6lD8wl4eFDDiYUECwCUgCUIeSx8EBWJ7Nf2AAaLHylwF47tAEgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA5ODExNzAsIDApO3VmKCdpJywgNzQzNDE1MSwgMCk7ASc8ZycsIDE4NDc1NDEyLCAwKQUpMHMnLCAyNzYzOTM4NzYVFjByJywgNDA1OTE1OTExBRbwtpICtQQhbldkMUNnaTBqcndaRUllU3g4RUJHQUFnbnMxX01BQTRBRUFBU0xBSlVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkNJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0I5YVhFeUI5bDZUX0JBU01FSDZFaTgtb195UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWFmZnhRUDFBZmdvU3otWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58IFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEkwYzM5SWhBQkdBSXRBQURnUUtJRERnalJ6ZjBpRUFzWUFpMEFBT0JBdWdNSlJsSkJNVG8xTmpnMTRBT0lNSUFFbGE3c0NJZ0VuSzdzQ0pBRUFKZ0VBY0VFAYYJAQhESkIJCQUBGDJBUUE4UVEFDAUBeElnRnRTeVlCWlRmNVlNQnFRVklNeFpOWnlmdVA3RUYFJAUBCERCQhE3QEJ4QXlRVUFBQUJBMmdXOVA5MigAAFoVKLhQQV80QVg2a1FYd0JaVFQ1d2o0QmJMeE80SUdBMFZWVW9nR0JKQUdBWmdHQUtFRwVnBQEkQ29CZ1N5QmlRSgUPCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKZASFuQkZZMGc6OQIoSjdOZnlBQUtBQXgBLw0BTDZDVVpTUVRFNk5UWTROVUNJTUVsOQUEMUUNJxBBQUFGawEGCQEARx0YAEcdGABIHRgMSGdBaS5NAvD1dy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjEyMDAjRlJBMTo1Njg12gQCCAHgBAHwBIeSx8EBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFygH6BQQIABAAkAYBmAYAuAYAwQYABSUo8D_QBvMD2gYWChAFEB0BdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgH7tAE0gcNCREpASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=f5951af6d177ccbd82900805a7ae908ea7754ea0
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
e708638e-6386-4052-911d-bc34ff340798
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 87D9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53034
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 275598
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220086-HHN
X-Timer
S1671876446.922204,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 482F 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLmDPDXZgYAAAMA1gAFAQjZnpudBhCx3IWL39ju2CsYja-4qpOZ7ppWKjYJnGYrGVRr4D8RA6HT7_JH2T8ZAAAAgD0K7z8h2LCF7V6_5D8piQyreCPz6j8xAAAAQOF6lD8wl4eFDDiYUECwCUgCUIeSx8EBWJ7Nf2AAaLHylwF47tAEgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA5ODExNzAsIDApO3VmKCdpJywgNzQzNDE1MSwgMCk7ASc8ZycsIDE4NDc1NDEyLCAwKQUpMHMnLCAyNzYzOTM4NzYVFjByJywgNDA1OTE1OTExBRbwtpICtQQhbldkMUNnaTBqcndaRUllU3g4RUJHQUFnbnMxX01BQTRBRUFBU0xBSlVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkNJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0I5YVhFeUI5bDZUX0JBU01FSDZFaTgtb195UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWFmZnhRUDFBZmdvU3otWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58IFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEkwYzM5SWhBQkdBSXRBQURnUUtJRERnalJ6ZjBpRUFzWUFpMEFBT0JBdWdNSlJsSkJNVG8xTmpnMTRBT0lNSUFFbGE3c0NJZ0VuSzdzQ0pBRUFKZ0VBY0VFAYYJAQhESkIJCQUBGDJBUUE4UVEFDAUBeElnRnRTeVlCWlRmNVlNQnFRVklNeFpOWnlmdVA3RUYFJAUBCERCQhE3QEJ4QXlRVUFBQUJBMmdXOVA5MigAAFoVKLhQQV80QVg2a1FYd0JaVFQ1d2o0QmJMeE80SUdBMFZWVW9nR0JKQUdBWmdHQUtFRwVnBQEkQ29CZ1N5QmlRSgUPCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKZASFuQkZZMGc6OQIoSjdOZnlBQUtBQXgBLw0BTDZDVVpTUVRFNk5UWTROVUNJTUVsOQUEMUUNJxBBQUFGawEGCQEARx0YAEcdGABIHRgMSGdBaS5NAvBDdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEAoGQURWX0lEEgY5ODExNzDyAhIKBkNQR19JRBIIMThpTgEVCAVDUAEUBAkycU0Q8gINCggBPRhGUkVREgE0BRA0UkVNX1VTRVISATDyAgwJIBRDT0RFEgAFDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEgBzc0MzQxNTHyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwhoADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjEyMDAjRlJBMTo1Njg12gQCCAHgBAHwBKVBIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBcoB-gUECAAQAJAGAZgGALgGAMEGASAwAADwP9AG8wPaBhYKEAkRGQFwEAAYAOAGDPIGAggAgAcBiAcAoAdByAfu0ATSBw0VYwEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=adf030ecf81ed1557010f48a9555201bcc1c92d3&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dlskbzykrm%26e%3D1066281148413,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dlskbzykrm%26e%3D1066281148413&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lskbzykrm&e=1066281148413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
a19498b8-f63f-4890-9d13-f45d73f96ba8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4a8c088ddbaf19de3b1550de9d1a1ddc.js
s0.2mdn.net/sadbundle/8820714032462456054/ Frame CB79 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8820714032462456054/4a8c088ddbaf19de3b1550de9d1a1ddc.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78785a3b0ea8bb1cc4957b11fccd45226356794b19bad2af74caceb328703be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178779
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19335
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 03:40:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 08:27:46 GMT
async_usersync
ib.adnxs.com/ Frame F81A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:25 GMT
AN-X-Request-Uuid
0233d600-4f53-4823-aade-8ffea018ab27
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A5A1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A5A1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A5A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Oxwc9K8ktram9HB3y2m56Yu6F579XAOBjJiMYhVQ0PNhouyCNUbennd5GKVBNxyXuv6wwgH6IJh%2FH6Qdf2%2FWFi3SL9wFaKdrA95S3kQd0CIYgliNoLd%2FEXwKAd22ME4EWkb6orSp9S8wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b7bce59a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A5A1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
405CWWNRSHPA8R4PAS1T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A5A1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame A5A1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203
dpm.demdex.net/ Frame A5A1 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-017f03edc.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
VeyU4mX3RU8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame A5A1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RYkEgvCERJBzmmKJkidp_FD_B2w
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RYkEgvCERJBzmmKJkidp_FD_B2w
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RYkEgvCERJBzmmKJkidp_FD_B2w
Date
Sat, 24 Dec 2022 10:07:27 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame A5A1 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b28a6c2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
usermatch
ssum-sec.casalemedia.com/ Frame EFC8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f2f0d2c09bbc1153686ffb3811aac70f26dc6a5dd349f06f20dce68915d0c9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887abadf59a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xab943zcdOmON%2FR%2BVfyDv5PJNLxTvOU98z7qsc7Kf5gXK8WwDqNZP%2BTN0mGZbalL3%2FAbAkCWbl5m6QB7gODof21GoIfqYs7wnyiSynZOpI29t64R2xPE7HKQw6C3dFsCaYvoLC3bISe2oA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame EBA2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9458e136-19f4-4d3a-ba48-c2762688129f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EBA2 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EBA2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame EBA2 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EBA2
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601247&external_user_id=0f9dbc53-35ba-4153-8459-b79d97bf2295
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601247&external_user_id=0f9dbc53-35ba-4153-8459-b79d97bf2295
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601247&external_user_id=0f9dbc53-35ba-4153-8459-b79d97bf2295
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
bridge
cm.adgrx.com/ Frame EBA2 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame EBA2
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2d7cf11a-f2f3-4507-ab4d-0a168d870560&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2d7cf11a-f2f3-4507-ab4d-0a168d870560&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=2d7cf11a-f2f3-4507-ab4d-0a168d870560&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 24 Dec 2022 10:07:27 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame EBA2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0e252bea97934d44f@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame EBA2 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b28a6e2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D5D6 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame D5D6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2046b9a6-fe1a-4884-bb47-8d6bd2f151f1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D5D6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame D5D6 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame D5D6 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame D5D6
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=298644c7-b1d6-4806-b869-1f6b22835d3d
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=298644c7-b1d6-4806-b869-1f6b22835d3d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=298644c7-b1d6-4806-b869-1f6b22835d3d
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame D5D6
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Sat, 24 Dec 2022 10:07:27 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame D5D6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame D5D6 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b28a6f2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
async_usersync
ib.adnxs.com/ Frame 45A5 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
4a19451b-496c-4798-9826-7681d22a1a1f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E0B7 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:25 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
tp_out
d.adroll.com/cm/index/ Frame E0B7 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame E0B7
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=nkh8gtcfmc1h
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=nkh8gtcfmc1h
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=486
Content-Length
43
Expires
0

Redirect headers

lws
35
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-encoding
utf-8
time-ms
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=nkh8gtcfmc1h
cache-control
no-cache, no-store
content-length
0
rum
dsum.casalemedia.com/ Frame E0B7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=03261727-0c90-4ff7-bb00-6d9b4be2bf30&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSWUYc81iJ6xKa5ecXwJ5%2BkCCKHrBuk%2FC0LFW0XI8%2FLXdUl6e8oSzSBApYPs5lyE%2BiwsR3XtCJn98GHkRdUhkTzhHofzpeuFSNUYnA1LhSVyyoEKCnTlO%2B16bMFMAZA0deyDil5O"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887c858e8bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum-sec.casalemedia.com/ Frame E0B7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220080-HHN
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671876447.016472,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame E0B7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame E0B7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ie
match.prod.bidr.io/cookie-sync/ Frame E0B7 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame E0B7 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b28a722c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
rum
dsum-sec.casalemedia.com/ Frame 83E7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220080-HHN
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671876446.065162,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 83E7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:26 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x33 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:25 GMT
rum
dsum.casalemedia.com/ Frame 83E7
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Fj3IWSxy90XrBU4kCuz%2FcnugmOtlRtfoQMau3nO%2Fvr7WVU4QEJuZeCW8wh4y6LgbzprN4JTd7jJbgVjtE%2FCM%2BbookiT6hxQc%2F1dOZZypSUl7m71esKOifxdhFZNAKiKR8sa7umM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b7bd08bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 83E7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 10:07:27 GMT
crum
dsum-sec.casalemedia.com/ Frame 83E7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=485
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 83E7
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b7dda92-8b9d-48c5-834d-e20f3faa1389-tuctaa054df
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b7dda92-8b9d-48c5-834d-e20f3faa1389-tuctaa054df
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=3b7dda92-8b9d-48c5-834d-e20f3faa1389-tuctaa054df
date
Sat, 24 Dec 2022 10:07:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40828
bridge
cm.adgrx.com/ Frame 83E7 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
casale
match.adsrvr.org/track/cmf/ Frame 83E7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 83E7 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b28a732c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 395B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b128fc8d1d046bffba9a04bcef5deecee22269943b75c488a9fce0dcab444aab

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887abfe8d9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wffvr%2FSVuG2SogAkZxNAfVH9okjYvhqDgWzpiZPBamTMwp3CF8hiL%2F%2FnVKGC%2BULwkKVeqAOG1BjCuzpYRr9BIeYV4ihrgecQZWSfFt%2FyK3KLcNAg5fr3te2l99ucroEmZ0zHNvu%2B2jH8Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ca
choices.trustarc.com/ Frame 5B10 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=728&h=90&c=1305348382&js=pmw1&base=te-clr1-7fda228c-dd37-4ae0-8371-62a4a77d04f9&admarker=dynamic
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&c=1305348382&js=pmw0&w=728&h=90&admarker=dynamic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
dd9d05894c94d5ae6c6d82dd3f5d60bdc3d6888ce6fb53bb0121c2b26f444782
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2370
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
Mf0AY5hzTp0Azb8TXEdJxQ9y0_aUDwqF_GSXT8ZF3xdcIiyg_i0d5w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 5B10 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=728&h=90&c=1305348382&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&c=1305348382&js=pmw0&w=728&h=90&admarker=dynamic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
PonfL4vVMPBi6fpe2Zc0hKFQmHI40mBrjxMqZQJU8FnGJHEWMAFWWQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 5B10 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=_LBcidLB_&w=728&h=90&c=9f45
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hnhz&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
HOa6v06DKKfdfl9qrKxmd4Ehz5-J0Dw48ty_vWyIhkc2hKLn6kX63g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 094D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
25f44d88-b462-4613-bae2-4edd672b7d7d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 97B0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf4fe18cf7ca25bb33ae328eb04816643184d449c81643c24bbacdb6c6c624a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887ac2ee99a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4R9SDXjbAeDcncKOZ%2B7RNp5vd4CuIAyY6uVBZG2UBNUC5J79VqbL7txQeDSTMpm4YAs9IhdYDPKzWtxqcRp5iZDYIYfM65ihBqZx1CRYQsUtpJgQXi45CVx6bfinrPO1gubITb6mflScow%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ImgSync
image8.pubmatic.com/AdServer/ Frame 2670 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:24 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame 2670
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACvtU7HTZ8AACCc-W2WOA&expiration=1673086047&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACvtU7HTZ8AACCc-W2WOA&expiration=1673086047&gdpr=0
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACvtU7HTZ8AACCc-W2WOA&expiration=1673086047&gdpr=0
Date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 2670 		95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Dec 2022 10:07:26 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
async_usersync
ib.adnxs.com/ Frame C861 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
e073bee5-223a-459c-8957-ab5501c145ed
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9FFE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef044ab3234a07c9d87ac69e041d6efe4992dea0c1367dd3ac330f8b00cf2b92

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887ac3f099a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVnv%2BLKVBlRSpCr7hOnstDpNB84AGTBSlALQc%2BmJ448XsZmdd8tgTXC2EGOGBnZzR3VeQoXxLpW%2B%2FudJpH7H7BY%2Bb46fjRcKDS0nUg6i7Lfg2k7QJ%2BeAIQW94D23uZA3%2FNDFX2tc7gEoVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ft.stat
stat.flashtalking.com/reportV3/ Frame 90BF 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-306-0-547122A6DAD0A9-674861276
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:26 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame A931 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-306-0-5471574181B1AC-682365182
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:26 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame 9393 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-306-0-5471DFEB9852E9-529998071
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:26 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame 9936 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-306-0-5471A9AE0470D9-756051032
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:26 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame EB0F 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
2500852-2.js
smarttag.rubiconproject.com/a/23684/436810/ Frame DB03 		1 KB
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/23684/436810/2500852-2.js?&cb=0.5479920848295696&tk_st=1&rf=https%3A//forward.com/news/529130/george-santos-jewish-lie-genealogy-records/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=436810_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/23684.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2f1d8d620d98e150660221e0ddef2eb1d19f8492a36e02b21076a51f91d7b746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
824
expires
Wed, 17 Sep 1975 21:32:10 GMT
2500852-2.js
smarttag.rubiconproject.com/a/23684/436810/ Frame 4ABA 		1 KB
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/23684/436810/2500852-2.js?&cb=0.030256539936127647&tk_st=1&rf=https%3A//forward.com/news/529130/george-santos-jewish-lie-genealogy-records/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=436810_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/23684.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
af7293296b39476533cec1b269be3caa3f338fa6a544d0395d1db0bca1903a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
820
expires
Wed, 17 Sep 1975 21:32:10 GMT
viewability
hal900010.redintelligence.net/ Frame 2AEF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=44963500034056600951421012183010&a=ea4f5abd&vb=v
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=44963500034056600951421012183010&a=2b5be74c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
ix
ad4m.at/ad/sim/ Frame 7A1C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
crum
dsum.casalemedia.com/ Frame 7A1C
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaKV5842qasQEBNnwdZz%2BgLCGPE69GtPQeTMw7Notjfjq0VInvG2xvm%2Bm3l3fHb%2BCn7CzUb66QXiZi8SyjiryxVc3auC3RmUV%2F2J7jWn4nCPxahTh8QRIzZykKmpm6eGUE%2BeQDkR"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b36bb7bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 7A1C
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum.casalemedia.com/ Frame 7A1C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMMg8oCjrL2TESe5aHhbxIA5t%2BfG%2BgOghANj%2Bqlduu3%2FaplrCMlcZ19%2B7r9qe%2Bsuvy%2FmeCWr0ja3HaMH%2F9DmvLDqC2do7RZMW4dlo0saQW48ifAX1cQgzKPODxN5lOnEM%2FJF61yk"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b7dd54bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
93bbe44e-7a89-418e-878b-b571db04b1b1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7A1C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
casale
match.adsrvr.org/track/cmf/ Frame 7A1C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7A1C
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=136f47f4-34a1-43ea-aa6f-3eca94e14e02
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=136f47f4-34a1-43ea-aa6f-3eca94e14e02
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=136f47f4-34a1-43ea-aa6f-3eca94e14e02
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 7A1C
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a7636e36-5869-4f9d-a2d8-78c5f4dcfb09&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a7636e36-5869-4f9d-a2d8-78c5f4dcfb09&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a7636e36-5869-4f9d-a2d8-78c5f4dcfb09&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 24 Dec 2022 10:07:27 GMT
server
_
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7A1C 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b28a772c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
ix
ad4m.at/ad/sim/ Frame 5D6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 5D6B
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum.casalemedia.com/ Frame 5D6B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
43 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQWFz3SBlOvsnrA9nry%2FpyhYFmTBiboAmmtITJgmzK9R0ZT8c9LE2jjqdMWMZ6EB73NB2lFbl5W9qXY5Sn3C9Yd6YxHbZKGmfzztFrBFwF3m6mR7CNmXoFTizYUTq3tBbxDoo%2B3d"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b7ed77bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
89ca235a-b891-4690-8424-226ca029d1bb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 5D6B 		43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Y6bPWOa4eXFjFoTtryyD1wAA%261203&gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.106.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-106-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1671876447358023-604
Expires
Sat, 24 Dec 2022 10:07:27 GMT
crum
dsum.casalemedia.com/ Frame 5D6B
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
43 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPiFBlrp70q45Gkt8RLpvm%2F%2Bd8qvAA7xHaLIpMTgJYYRDjvjsQNWhLnrGl9ovzbjGddYPICVY0Hb43skxl2BzR%2BXPSe8CP7erBWIZOpH4bTtuEmokWjn4KuvFIw1HzsKvOTlFrxs"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b8af0fbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 5D6B
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c4095d88-3eed-4fdc-8636-fc02d697815b&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c4095d88-3eed-4fdc-8636-fc02d697815b&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c4095d88-3eed-4fdc-8636-fc02d697815b&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 24 Dec 2022 10:07:27 GMT
server
_
content-length
0
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5D6B 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 5D6B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220080-HHN
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671876447.112415,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5D6B 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b28a782c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
usync.js
eus.rubiconproject.com/ Frame AB2E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64190
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 2682 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64190
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 768A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64190
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
ix
ad4m.at/ad/sim/ Frame 8B0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 8B0E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220080-HHN
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671876446.292359,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 8B0E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 10:07:27 GMT
dcm
s.amazon-adsystem.com/ Frame 8B0E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G46Y1QYPVY9P6D0JZE14
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8B0E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203
dpm.demdex.net/ Frame 8B0E 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1UBE7IVlQPM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 8B0E
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601247&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601247&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601247&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 8B0E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8B0E 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b2cad92c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame 96B2 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-306-0-54719C407437AC-380130224
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:26 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6399 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 6399
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1b59c48c-29e6-488c-bb59-f3c14d0e678f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6399
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:26 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 6399 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6399
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
dcm
s.amazon-adsystem.com/ Frame 6399 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AWENS6J8PG4TRH1VZB73
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6399
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6399 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6399 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b2cae02c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
usync.js
eus.rubiconproject.com/ Frame 72DD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64190
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 17BB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64190
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
crum
dsum.casalemedia.com/ Frame 88F4
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=19e9bac6-7279-469a-c7d1881c
43 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=19e9bac6-7279-469a-c7d1881c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzzLTBuwguoVudv%2FEJCC8Ol6dMtaEfsfysHWGHo6a2bRzAa5Mzn9qmI7P2DamTXFs0AiWYcKfXWiPV4OMnbr3PZQvJ5rPN0mnbYdX04vovDrLXJNLj0xHtDRsO7p1rq6CVQYG8vG"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b38c3abbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=19e9bac6-7279-469a-c7d1881c
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 88F4
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 10:07:26 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 88F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYKr0Kv5EVW0nO0E9kQsC18seTsQOfz8gCm6PeWmo3U6%2B6ZdB9gl%2FY1H1G4E9hfbklChnSt%2FOeEjQWHtTIXQ54c2vjbvBPYsi3ZfHurmPLU8O1kt537CdMNYae7JInVBnsTFsVpWHaMA3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b938729a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 88F4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=488
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ix
ad4m.at/ad/sim/ Frame 88F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 88F4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 88F4
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=53eeb8db-3785-4c2f-85cb-e96e8ceae46e
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=53eeb8db-3785-4c2f-85cb-e96e8ceae46e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=53eeb8db-3785-4c2f-85cb-e96e8ceae46e
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 88F4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x33 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:26 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 88F4 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b35c432c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
rum
dsum-sec.casalemedia.com/ Frame B66A
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0b9f6ef8-1eba-f7b2-e9c126e0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0b9f6ef8-1eba-f7b2-e9c126e0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0b9f6ef8-1eba-f7b2-e9c126e0
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
rum
dsum-sec.casalemedia.com/ Frame B66A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B66A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame B66A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:26 GMT
crum
dsum-sec.casalemedia.com/ Frame B66A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e47ed72e-565e-461f-bf17-509045edc0a4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B66A
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=079b83fd-2f98-46f2-b869-5e77acad4d28&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=079b83fd-2f98-46f2-b869-5e77acad4d28&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=079b83fd-2f98-46f2-b869-5e77acad4d28&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 24 Dec 2022 10:07:27 GMT
server
_
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B66A 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame B66A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame B66A 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b35c512c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
usync.js
eus.rubiconproject.com/ Frame 5C97 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64190
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
ix
ad4m.at/ad/sim/ Frame A23E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame A23E
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=487
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum.casalemedia.com/ Frame A23E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxO2Fj4pmkWiOD5OtilEMxqtFvEu8BHjA8N3Xo%2BoFzX3g6iF%2FeU2eYIMEMKikW0F%2BO2MpT1KOp27Q9dJ2%2BeabLG7T3n1XBm6pLcAJk4tTdqIByK2VCqY%2FtoGE%2F780P36lRA8zt%2F%2B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b90fc0bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b3a808e3-b839-43f7-9126-7f018444ad3c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame A23E
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
43 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUk1Kw5N68TypSPq41JzUOu6LF5tIxs6Sq4mPsvAdYPZwQqhNcYoaTGWPLaZ4HKmmbVKhlvT4PsoEm7IS2WcsNb2zFfKlCQRkwKHcmCHHxt0UTgd3HZhYYeO5CRmCgetfgGucE4s"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b988dbbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum.casalemedia.com/ Frame A23E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
43 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6Br6RFLwc4qbOTGKW65lsuIfV36YJmWzYgrZAOAGeS7f1JBq3Aj%2BSYPVjW0ImYud1jrd8%2Fvg9iIvmDhi7QdmqAJyrmj9b302noOF%2FdUQmiWPAI7PZCyu6pZu25udf%2FAs01jQJN1"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b90fcfbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A23E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum.casalemedia.com/ Frame A23E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=03261727-0c90-4ff7-bb00-6d9b4be2bf30&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
43 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR%2BCYg2mPqsl%2FW%2BxU1poS9fJxnJKOMPIwWShI50NqyyMrwa7TvtYd8ffelAvfmDyuQ1EibLvu1Tk3Vc%2BabfCiLhidYZyovIVuWAZhB1Eq2ukwHy1KKLXtjGZIpBjvaLocfJD3V9D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887c87947bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum-sec.casalemedia.com/ Frame A23E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220080-HHN
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671876447.269120,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame A23E 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b36c6d2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
rum
dsum-sec.casalemedia.com/ Frame C480
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C480 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame C480 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame C480
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bb2eca1b-cf4e-4e2f-85fc-0b411418b3d7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bb2eca1b-cf4e-4e2f-85fc-0b411418b3d7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=bb2eca1b-cf4e-4e2f-85fc-0b411418b3d7
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame C480
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3a5db520-8ea6-4809-891c-cafac963261b&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3a5db520-8ea6-4809-891c-cafac963261b&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3a5db520-8ea6-4809-891c-cafac963261b&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 24 Dec 2022 10:07:27 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C480
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum.casalemedia.com/ Frame C480
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
43 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCv40946uJF4ml6CsDyMIMnatlNBj1ZJdrVoV4Lx5R5jBP4IJYD4rt3v0hFdkKFz0tobUimD%2FHeEUaMiH00vVWOvfnTswX%2FFZ8Z4nkVha0geBXBxzqUst6jeM3jeLk0BvFhpJ8w8"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887c1faaabbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C480
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame C480 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b37c772c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
usync.js
eus.rubiconproject.com/ Frame 5A09 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64190
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
async_usersync
ib.adnxs.com/ Frame 2CD7 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
64d10550-6364-4093-b2f6-e9dd1aefe53c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FF69 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5485141&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 24 Dec 2022 10:07:26 GMT
content-length
47
content-type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame D964 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
90656173-763d-41c9-bc96-f75632e2b126
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BC31 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0df891a9e52946edf32ab30ddabc8d01d80a058350a6c5d540f115974cb5ed8

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887aeab7c9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jp1gA7BdMaX8vb8wPcZWpni7PX3jCRgK85TBkQADCb9TfOUj21gqm4vYPPbXZue%2FU%2FJgk4Br6XBpbDrTwO91mcv0Dc51WMzB55i0Xam5R%2F8sDLZ%2B4mzcwCo%2BxBUCrDvYu%2BtHd5k3DSNfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 184C 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
50471cdb-32c2-4613-9cea-0204aea0192c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 55E8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7716564cff338b823fa35529760e6a29a088dca1a2aabf5bb33aad7c7d8ce92

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887aecbb19a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWW9WwQnm1WsshPHZymS7dflPLy3WsXibgOVa8PCpqtrNdX6unubgVzQNSazTiZ4wfaDJCrhfn5Te7WV5iBswGv%2BDDqmp12%2BYU1vUPiT4Qadx2gvIARyvfJzv8QMcg89dIIL2btTcFOnbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame AE67 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3339c70a839382d7cbcf838c4925b52843a7fd3f1a9e34a6ae33b110aac9c52

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887aecbb39a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BM7jH6kIzrPofYjSpKXE2fT8jg34NXcTNxG8NM932%2BgYuz05LAzd%2FXQqSR9IS3j%2F%2BTYoXFyx9xUUUbY%2FGzZINxfUie8hkYzVDSp5PQMa1jeIEUNn6X1%2FLTi8AfWV4wBYPCC3PWyR%2FP6Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame A5E5 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
9817af07-01f8-4d04-8cc0-4792e3347601
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0ABF 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
73350848-3855-44db-9102-003486845f3d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8A0D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
aea7359b-2190-4248-84ec-0eea47a13813
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1C23 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
579afe28308d3b0bb150e5d2f18578b6ee3eeac6b8a6e80f7ed1cb02cedf9388

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887aedbcf9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcF9bNBdSnK4R6qYYY2y5HIrbFodEycElzJLR25Zj0WzrVC4dJgDLgyFfJ0K4X1Wh1H3AnC6DuHRIz5dSOomqIPgUYitTGBu1z4deIJs3zTUdWePISoirjEp5tb8uDrLsYaj6m564xGckg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ft.stat
stat.flashtalking.com/reportV3/ Frame 3A7C 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-306-0-54715E62DEC188-77996469
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:26 GMT
vevent
fra1-ib.adnxs.com/ Frame CE34 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCplq23j4OHvCcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMmGBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRbjktTEFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpVME5lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUk01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS1SYWUyUTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAVUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkMR0c0SDFlADIdGABIHTAMSGdBaUWhAQHw10R3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMTY5I0ZSQTE6NjU0NdoEAggB4AQB8ASb0ra5AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfJhgbSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=dddf42c511fd6792a7099667b02fb97035e818b3&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&sw=1600&sh=1200&pw=1600&ph=250&ww=1600&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
42b7a873-8c02-49ec-bbb8-d9422b77faa2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 4B98 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:25 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 4B98 		95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Sat, 24 Dec 2022 10:07:26 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
crum
dsum-sec.casalemedia.com/ Frame 4B98
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=844299&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACvtU7HTZ8AACCc-W2WOA&expiration=1673086047&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACvtU7HTZ8AACCc-W2WOA&expiration=1673086047&gdpr=0
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=487
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACvtU7HTZ8AACCc-W2WOA&expiration=1673086047&gdpr=0
Date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
async_usersync
ib.adnxs.com/ Frame A736 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
be81792f-bab7-4d2d-9de6-fae0b2525548
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9D9F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
2c868b8e-38c3-4b8b-b17c-2c8ea5ef0aa2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E364 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
6cd4cb29-7f2b-4f7c-a2ef-93472a0d87c2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B7EB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:30:52 GMT
expires
Thu, 21 Dec 2023 01:30:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8E6D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:30:52 GMT
expires
Thu, 21 Dec 2023 01:30:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 5006 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 06:51:06 GMT
adition.js
imagesrv.adition.com/js/ Frame 7DB7 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4751363&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Djxkpnhr%26e%3D1544311770728&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Djxkpnhr%26e%3D1544311770728&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&wi=1301802925&ac=1&kw=%5Bmtp%5D%28cid%29370276156%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=728x90&prf[paappid]=&prf[paauction]=7669338047087492488&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fk653z5Oysz%5FLwY9BKFSuPwAAAIA9Cu8%5FKcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad2.adfarm1.adition.com/ Frame 7DB7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=3935728&gdpr=0&gdpr_consent=&ts=7180654649936841738&kid=5357536&keyword=PACS_4751363_16301114&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fk653z5Oysz%5FLwY9BKFSuPwAAAIA9Cu8%5FKcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654649936841738%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4751363%2526kid%253D5371872%2526bid%253D16301114%2526c%253D58636%2526keyword%253D%25255Bmtp%25255D%252528cid%252529370276156%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4751363&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Djxkpnhr%26e%3D1544311770728&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Djxkpnhr%26e%3D1544311770728&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&wi=1301802925&ac=1&kw=%5Bmtp%5D%28cid%29370276156%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=728x90&prf[paappid]=&prf[paauction]=7669338047087492488&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fk653z5Oysz%5FLwY9BKFSuPwAAAIA9Cu8%5FKcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
25aaa50dd96f6c10134de5d3974b2959aa3ba8a730a3fe0fae2e0e1aef633ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Sat, 24 Dec 2022 11:07:26 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3CF9 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Origin
https://flashnetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 3CF9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B25884809.304952787;dc_ver=92.271;dc_eid=40004001;sz=728x90;u_sd=1;gdpr=0;aucid=4785499947907653564;crid=292929924;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3735381077;ord=61ayn8;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FYmLzcW2oiD9m_6zPlmCCPwAAAIA9Cu8_Zv-sz5Zggj9jYvNxbaiIP7yfrxPZgmlCjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAACEwXURnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoA0CfszAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25210hWJIAjMsMQTEISD14sBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NTQ0OUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjU0NDk%3D%2Fbn%3D93344%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2070;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3CF9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
ca
choices.trustarc.com/ Frame 3CF9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=728x90&c=1352751999&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1352751999&sz=728x90&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
8ba321bb8eebb844aaa4f99329e7141b271192547574184fe3fac01336c31061
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
DeThPV9MssIZOMAIVhc6jrzpA_LffvlOMMn3Mp7SiOsO1jki5sUocQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59j...
ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/ Frame 37B9 		52 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2419;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
a3e3a9ace19028b4d3934fb71f16d28d5181f7f2364fec602989530b324b3c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
25586
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca
choices.trustarc.com/ Frame 5B10 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=728x90&c=1305348382&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1305348382&sz=728x90&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
ec5c99aa80b11be25a1046e387f72f72bca94be9ac3ff57f18583db7b91dd107
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
YIbBM1j1S-61JS0tdnCnlgWQ5vGgbcvyr7hrLoYMY6nMwjiNNnXg9A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0332 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:30:52 GMT
expires
Thu, 21 Dec 2023 01:30:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame C031 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
52ab420e-0ec6-481e-a406-ecfc5b62c456
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
static.adsafeprotected.com/ Frame 3A7C
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?782325539&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js?782325539
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?782325539
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230624
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
X7PB5biZQ38kfOSTS6ERx7Jd9zn8WFAxA8Z1n2VwvOA45rxT8WpksA==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?782325539
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame DBD3 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101870
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
7uCdBXk9AFcE73RQ8nqRMAMnCPM_TMXN5jkheAoj8qA4iB7izgdTow==
skeleton.js
static.adsafeprotected.com/ Frame B5EE
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?34678416&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=htt...
  • https://static.adsafeprotected.com/skeleton.js?34678416
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?34678416
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230624
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
XdVESmLsDzeeoMp-Q7966ad1lqv9zSeqq1fBCrKBoZ1XDS0Zmo67Aw==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?34678416
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 16F6 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101870
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3gLRbKlhO_5GD7Nt_x_VfUhXV37_JvFmt3-h-xOwb3sQ3CN9jtdPnQ==
ft.stat
stat.flashtalking.com/reportV3/ Frame B5EE 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;27933064-306-0-547141C502C1FA-303748742
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:26 GMT
async_usersync
ib.adnxs.com/ Frame 9A25 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
2d4def1b-3804-46d1-a48f-541fc894eff9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0385 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:30:52 GMT
expires
Thu, 21 Dec 2023 01:30:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fpi.js
ap.lijit.com/www/delivery/ Frame 2752 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=1051986&width=300&height=250
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/23684/436810/2500852-15.js?&cb=0.8833666955903907&tk_st=1&rf=https%3A//forward.com/news/529130/george-santos-jewish-lie-genealogy-records/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=436810_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6390d276-1540"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
8dbd67b1-3e1e-4a51-8266-2dccea8cb19f
beacon-ams3.rubiconproject.com/beacon/d/ Frame 2752 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/8dbd67b1-3e1e-4a51-8266-2dccea8cb19f?oo=0&accountId=23684&siteId=436810&zoneId=2500852&sizeId=15&e=6A1E40E384DA563BFBD87694C024BCEC8A509C07147CA0F8ECA72FDF18190A01A72A189D68A1ED5F3F63FE5F6CC24ADB9F0BE1F8337FD75DEC5B87C439493183B449DA8E7027CE8CFA63250383C10C3663AF685AF18256F37A6ABEA508E1EE14654A7001BB33AB4318C49120C34F5AD4109478760DFABCFE32997889F1DA11D8
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 3B7F 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLTCvBMUwUAAAMA1gAFAQjVnpudBhCp26f54pGY1xEYja-4qpOZ7ppWKjYJy7kUV5V9pz8RQhwM8R89oz8ZAAAAgD0K7z8hQhwM8R89oz8py7kJJPTyATEAAABA4XqUPzCXh4UMOJhQQB1ICFCZjru2AViezX9gAGix8pcBeLrXBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgPLBgqDBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VDFkYWEwOVVSVEJhVkdOMFRXcFdhVTlUTUhwYVIwMHpURlJCZDAxRVFYUk5SRUYzVFVSQmQwMUVRWGROUkVGM0x6WXdOakUzT0RjeU1qVXhNemN5TnpVd05TODJOakl5TkRBeEx6UTFOakl6TVRJdk1UTXZabFZ6ZGpNMldsaE5Za1ZJUW5veU5WQXdiR3hqWWtKblEwaHVhVFJTYmt4VFRqaHJaMUJ5VDNOVFRTOHhMekV6THpBdk1DODVOVFk0TURNdk1UTTFPRGc1TURnMk1DOHlNVFkxTXpZdk5qVXhPRGN4THpFdk1DOHdMMDFFUVhkTlJFRjNUVVJCZEUxRVFYZE5RekIzVFVSQmQweFVRWGROUkVGMFQFEBQxRVFYZE4V-Ax5OHdMCXwFCHROakEyTVRjNE56SXlOVEV6TnpJM05UQTFMM3B5YUMBJPC2RTVOUzgwTmk4NU9Ua3ZNekl5THpnd0xqSTFOUzQzTGpBdk1DNHdNREF2TVRZM01UZzNOalF6T0M4eE5qY3hPRGc1TURNNEx6RXpMekV3TWpZMEx3L3N5YlUzOVZjNTE1R3Q3NUJWRktQeFljVk9xVSZub2RlaWQ9Mzc0OSZncm91cD16cmgmYXVjdGlvbmlkPTYwNjE3ODcyMjUxMzcyNzUwNSZwYnNfYXVjdGlvbmlkPTYwNjE3NiEAHHNoYXJka2V5ThwA9EgBcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2FlZmlpYSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMzLjYwJnNpZD00NTYyMzEyJmNpZD02NjIyNDAxJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEjYwNjE3ODcyMjUxMzcyNzUwNRoTMTI3NDA2MTkwODM4NTMyODU1MyIJMzgyNjUwMTM3KgYxMDE5MzY6BzY2MjI0MDHAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASZjru2AYgFAZgFAKAFuu-T0O2bwfwUwAUAyQUAAAAAAADwP9IFCQkBCgEBcNgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3McgHutcF0gcNCRExAS8I2gcGAWdwGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=38d1097e9911c0c8c60539df27d3222436b8a25d&type=pv&jm=1003&px=0&py=0&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
e6436f74-72c2-409e-bc6f-9456aa2c5771
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2F0C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJPjoS3aDbubT329qoXXFG5XJOj1Gz1krlb5VDvwtNK6A_9WKqHl3uqVx_5OJW6FzSX5AYbJnm5DZ9qVRo-Y4zZ6c1VN-b&sig=Cg0ArKJSzNsKqR9xrnfLEAE&id=lidar2&mcvt=2492&p=0,0,90,728&mtos=2492,2492,2492,2492,2492&tos=2492,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3504469854&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671876436900&rpt=7384&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
imagesrv.adition.com/banners/268/01/02/b8/18/ Frame 6393 		41 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/02/b8/18/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654649941363469%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885600%2526kid%253D5572862%2526bid%253D16955416%2526c%253D64632%2526keyword%253DPACS%25255F4787253%25255F17071378%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
aa36229be213fc8580c0497aef8b9818e764415515ab5416ac8b68f2ffc5ddad

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
12239
content-type
text/html
date
Sat, 24 Dec 2022 10:07:26 GMT
etag
"2194511319-br"
last-modified
Fri, 23 Dec 2022 21:24:58 GMT
vary
Accept-Encoding
skeleton.js
pixel.adsafeprotected.com/rjss/st/1218281/67368266/ Frame 3444 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/1218281/67368266/skeleton.js
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/banner?sid=2885600&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787253%5F17071378&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3514c878613cc9cb8a3650c2e376b296b0e6b91218fa94accc4958591b336b25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
B28713148.352526337;dc_pre=CNGf5Y2BkvwCFamT_QcdrHQKwA;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654649941363469;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=...
ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/ Frame 3444
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654649941363469;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CNGf5Y2BkvwCFamT_QcdrHQKwA;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654649941363469;dc_la...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CNGf5Y2BkvwCFamT_QcdrHQKwA;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654649941363469;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vwggzaudv&e=1535582086632
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CNGf5Y2BkvwCFamT_QcdrHQKwA;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654649941363469;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.aspx
m.exactag.com/ Frame 3444 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=87&extPu=amex-adition&extLi=5572862&extPm=2885600&extCr=16955416&gdpr=0&gdpr_consent=&rnd=7180654649941363469
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/banner?sid=2885600&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787253%5F17071378&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:26 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Sa, 24 Dez 2022 10:07:27 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1250
Expires
Mon, 26 Jul 1997 05:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B3C7 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
cd496182-7553-49d3-bfb3-69bf25836fcd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4086 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
289733
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 301F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c3e063a344fed33b123ec6c81ff517910af240baff763f47214eae4187738788
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cq9xGM-vLYiInGI16LvZEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-cq9xGM-vLYiInGI16LvZEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:26 GMT
expires
Sat, 24 Dec 2022 10:07:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ca
choices.truste.com/ Frame D573 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=28229300&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
bf7eed8c066cb8c123a8bcd1a31795dd09c83822291b4e4f28ed164fba212b95
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8031
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
o6Z_DFesO96VzGt8lsrjGQXV3A3TQvrtzHz0mkgfkK1_xO53xDZxUg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D573 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:26 GMT
index.html
s0.2mdn.net/sadbundle/1849230996232346937/ Frame 2235 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1849230996232346937/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a2e429dca681b29687444a32c491210898db4631649804478023d5197cdc830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
552052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4711
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Dec 2022 00:46:34 GMT
expires
Mon, 18 Dec 2023 00:46:34 GMT
last-modified
Wed, 20 Jul 2022 12:50:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D573 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqrKjuLkCKnm8NqZ8YD_UrYBQjU7hZ2lL1Y2ilL1n_7SOzLNnBjzvuvi6FqrQQITD8oS_POZ84orO869zdDscBjAolvBufDN7aAg7OQyrwIFxi_0QSE753mALSJEiImaq39OygGpL0Yzcil7LnalXRbLk&sai=AMfl-YQyD8fW1kXZqiSWB2k_4QgKOujDCKZ_u6dkbXas6Y35bEt6woEf-qkYQI8xaJzd5IHJXJAZLi-MYdqMNtjtpyEifk1W4GW6Hmv4vouk&sig=Cg0ArKJSzOKpHCX4nncEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3824&cbvp=1&cstd=3822&cisv=r20221207.31568&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:26 GMT
dcm
beacon.sojern.com/imp/ Frame D573 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=395398358634871920&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=372961557&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=etmctaf&e=1971603729092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0694 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Origin
https://flashnetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Dec 2022 09:14:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 0694 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B26683479.316563413;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=4512479597910238743;crid=322267861;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3504977957;ord=1uap0i;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FVfFG5pE_iD8bS8uVcBKCPwAAAIA9Cu8_G0vLlXASgj9W8UbmkT-IPxcmo0FJjJ8-jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADVajUTnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAKiPC_gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521VRYFVAjEnbEYENXV1ZkBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NjYyNUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjY2MjU%3D%2Fbn%3D99384%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1956;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0694 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
crum
dsum-sec.casalemedia.com/ Frame 83CA
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 10:07:26 GMT
tp_out
d.adroll.com/cm/index/ Frame 83CA 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum.casalemedia.com/ Frame 83CA
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
43 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BpHYig3Pj3EVcQQn8ZveXpumY7p%2BnXaSEWJGL5dnf0dBE4jc5vyVErDdU43k04OveWSQLDSRT1ys2YMBDCgqKjOqxBzjd37KZSSw2iUl04kmbw%2BobFHyE2q7z4M5HhveWdRDGad"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887bc5ed2bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
dcm
s.amazon-adsystem.com/ Frame 83CA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZK834HQFVWHXPYCCS3F1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 83CA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum.casalemedia.com/ Frame 83CA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=42cda133-5d22-44e1-a0f2-c788baa8b708&ssp=index&expires=30&user_group=5&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6EsmyqZYGe6z%2BcOD%2FK%2B6gAIRCo%2BleEUJi750Waw00kvc%2FNlTzHb8YLhF6B85PvbTyTc2xD4OpbeVVGmU2xiLKJJJ1Bsl%2B%2Bt9m2Kqxsi3GKMO7dBTEM5v8LiPQ99TDvoLr50C9Et"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887d39a1abbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum.casalemedia.com/ Frame 83CA
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KosvViDCaQ4jkHu%2Fu3X3PtGksFux7a9Qm2wU01Hpg9x3gmJGG%2B1bNnRCKBNq%2FyIWKh%2Fmq7x1%2B%2ByQPXktwmKX8Aq9UAAAWq4JX%2BA8WbqKzbko965q46DpsYR4E5ppCx5eD5Dzp4De"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887bbfe11bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 83CA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame 83CA 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b74ae52c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
async_usersync
ib.adnxs.com/ Frame 1079 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11153&pub_id=2164665&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11153&pub_id=2164665
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:26 GMT
AN-X-Request-Uuid
8bf17166-0e50-4f9d-ba55-c698a860e239
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5A5E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5A5E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203
dpm.demdex.net/ Frame 5A5E 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-08dd6474c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
A6E6DO9iQuo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 5A5E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5A5E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A7N7DAG7R21GHJ8EESCS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 5A5E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtO4pcnw6bW8xN4uMtSKSW7QWCxqQZ%2FpASGS%2Bp%2F5K9QNjPJR9qqTpjvul1oHeG79KjEAe0IZp%2BW1LPbueS865SpH%2FDFlvtnY23%2BbDJcM7%2FfucQQ0ncgWndljx1hCcNOemob5Qmgi"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887bc0e3dbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bc0949ad-31e9-45fa-ad38-beb07bb06c95
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 5A5E 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 5A5E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=485
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5A5E 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b75b0e2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame C33A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame C33A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGePjeZ6fw-6SZkWLJ-mk0s&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGePjeZ6fw-6SZkWLJ-mk0s&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGePjeZ6fw-6SZkWLJ-mk0s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C33A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxUzI5TEYtMU8tR1VWOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxUzI5TEYtMU8tR1VWOQ==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxUzI5TEYtMU8tR1VWOQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C33A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AzC1aBkkTvS7yzV25ffwSg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AzC1aBkkTvS7yzV25ffwSg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AzC1aBkkTvS7yzV25ffwSg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y5DP80FK34W75THYRCD6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AzC1aBkkTvS7yzV25ffwSg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame C33A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1S29LF-1O-GUV9
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1S29LF-1O-GUV9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5073DE7E2F9A44299E9C85F9273FBC1D Ref B: FRAEDGE1418 Ref C: 2022-12-24T10:07:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkBHOl1zxWKTOUiAb8g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1S29LF-1O-GUV9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame C33A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XIA8qfQDQ-W4ueFUFpwK_Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XIA8qfQDQ-W4ueFUFpwK_Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XIA8qfQDQ-W4ueFUFpwK_Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MCGX4XVP8EXWVRXR6BTC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=XIA8qfQDQ-W4ueFUFpwK_Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C33A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v0gFsmRPRMp7vFCLZAssYcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cajZFmVE2oKnn2UKIb5qBG5pVtYlYArHwdBhdA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cajZFmVE2oKnn2UKIb5qBG5pVtYlYArHwdBhdA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cajZFmVE2oKnn2UKIb5qBG5pVtYlYArHwdBhdA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame C33A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjQ5OTNmYTc2NDMyOGNiODY5YmM4YTdjNTdmZDJlNjAxYmZmMDJmYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjQ5OTNmYTc2NDMyOGNiODY5YmM4YTdjNTdmZDJlNjAxYmZmMDJmYg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjQ5OTNmYTc2NDMyOGNiODY5YmM4YTdjNTdmZDJlNjAxYmZmMDJmYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
n.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://forward.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://forward.com
date
Sat, 24 Dec 2022 10:07:26 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
async_usersync
ib.adnxs.com/ Frame DE4F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
ac01c6ee-20ba-4d86-abaa-c4544997bb24
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame EFC8 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame EFC8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame EFC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXQFdj7wfhGenoueLUZn2ubhtVQT25plxYGYW5WxDqbSWgXr8YyJAe7ZYHGYh196LgHA%2FpOie5IAtOyCTv8FckeK0klJjQlj0j7GK7ESOXHAYxxIeS2YhF386sW3uVwmrkTSpRfbKVrq7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887bc3e989a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EFC8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame EFC8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
36333a27-b3bd-4e28-b5d1-25fe389f26da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203
dpm.demdex.net/ Frame EFC8 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0ff225fd5.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jB8lzRDtTas=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame EFC8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 10:07:27 GMT
rum
dsum.casalemedia.com/ Frame EFC8
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
43 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAZ8MG%2F592cVfU4mi3quZDN486ZC3pniuyn%2Bmhqmrh8psWdB1nGK1crwJFbhvPPUD5zaUxmiQf5LlZaVO5bo%2B6vs23w2IYuvh6gsxEkaddPqpnO3JJ1zZ7erClqwgxKyaBN4sAfI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887bc1e5fbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962847
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame EFC8 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b76b352c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
usync.html
eus.rubiconproject.com/ Frame 69B7 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:27 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 103E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53035
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:27 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 268282
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220065-HHN
X-Timer
S1671876447.107575,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1963 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157693
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D0A4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
417
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887b1f9f92bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
Sat, 24 Dec 2022 14:07:27 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame ED16 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
18044207-60a4-4502-a033-16f94671f1ab
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3F22 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
c22d5f01-0921-4045-87fe-8cb00f378c94
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A0B6 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
d8acb8d8-5aad-4d9f-bed0-13a4633334e3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 395B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
crum
dsum.casalemedia.com/ Frame 395B
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
43 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diScFuVc%2BQ8MT4k8aa7RrcMjUkWABMsKypzxCsItbjLkrWD1AUvH07eU3lqtnfzOMSw0j8gch4RJ1pJaZOigAbIk197SjOIAVXd7%2BoaJwGQBhJOqgfnAfVRcCD02ODCuNArj6Yf8"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887b86e9cbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=12f3d347-713d-dd7a-fe33f9e7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum.casalemedia.com/ Frame 395B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMFheQ9R%2BZ1%2BkKQfsB0OwW%2Bf3oauh0XifY6wJZq%2FvM%2BaGS%2FmJe501kbnrxjN2FurGvL%2Byf1FlKEnAkMYiR4dZNMCcem6GXRJri6c6f1nl4NJVZ3QLguRp3TWgFlHfzRNmB%2BSOrEw"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887bc2e6dbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6355b046-ec5e-44b5-9b76-6ab2da6e32dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 395B
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=486
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 395B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=487
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 395B
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Sat, 24 Dec 2022 10:07:27 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
tp_out
d.adroll.com/cm/index/ Frame 395B 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
ie
match.prod.bidr.io/cookie-sync/ Frame 395B 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 395B 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b78b6e2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
async_usersync
ib.adnxs.com/ Frame BC3F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
c899b382-ad67-4fdb-96c5-65ef0ea5bc1c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 97B0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=482
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203
dpm.demdex.net/ Frame 97B0 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0a637d725.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
eDh23JD0TAM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatchredir
ssum-sec.casalemedia.com/ Frame 97B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hfz%2FqArE5oU6v2OPmBSqqPKgHQmZYudFNCup4naxc1qK4xOpA4y9MgF0TeLGuBwuOrfS8IWxrFnih4%2Bwj5N4jtaifH9AynA7I4H9OU29sFw3m9Ku0DuYd30AjR5aFQAN1WtGZuXJDeyC2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887bc5ec19a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 97B0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 97B0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 97B0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=484
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220080-HHN
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671876448.966469,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ix
ad4m.at/ad/sim/ Frame 97B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame 97B0 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 97B0 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b7cbd12c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
async_usersync
ib.adnxs.com/ Frame A3F6 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
b8349e60-7f8f-428b-8bd4-85c1c714d250
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9FFE
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6b65e8f67c574f6783cc100621111b41&expiration=1674468447
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6b65e8f67c574f6783cc100621111b41&expiration=1674468447
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:26 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6b65e8f67c574f6783cc100621111b41&expiration=1674468447
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 9FFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9FFE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 9FFE
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=680c0b47-18d3-4815-8c9d-099fa02ba26d-tuctaa054df
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=680c0b47-18d3-4815-8c9d-099fa02ba26d-tuctaa054df
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=483
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=680c0b47-18d3-4815-8c9d-099fa02ba26d-tuctaa054df
date
Sat, 24 Dec 2022 10:07:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40679
crum
dsum.casalemedia.com/ Frame 9FFE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
43 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2I6SmRWrluMCWgqNGQZi5C2VlTs7jSQ8TTLovXTQb40zFi7MJFhutcarvs%2BufezcL3MQ6b7FGO3DSdpybdTSmTPY9XzXrcBXcWPwrdFF6AX2phs251jQ5i51RZTrlWtVP%2FhCam3k"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887bc5ed4bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
232bf73b-32df-4079-82ee-ac7e46415733
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9FFE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9FFE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x35 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:26 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9FFE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9FFE 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5290
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b7dbf42c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:27 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B8FD 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fab4e3fff5d826c438004dea8ae3b051bfa09d2e9b6bfe10dec2b8ed063bbdf

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887b27a9f9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnuranDLkMbG3f4unoqf5FW%2FvN51YcuKpxLuO23G2ZZrjoanTvewyXxHxZ4HJsMXpUMrYVu6BbvootrPMcQoceWFqyH5EK1KCFVbQrsPi1yCv8GXCqdNotupR1d8S5uv4XWgjEozUj60Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 44BB 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
e9a40b1a-5dda-46b4-8477-026963ce14a9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
choices.truste.com/ Frame A4FA 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=24055176&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
36c3117307c70cc8ac0034083c2159b11404fcc4bca11ffeb91ebbc2fb1c0a56
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8030
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
OCwP5SnVIl84fBKvtzwd48i12u4Z9RIT9D1ltYoFtKOM9odBtdbURQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A4FA 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:27 GMT
index.html
s0.2mdn.net/sadbundle/12888370925857180031/ Frame 9442 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12888370925857180031/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1194107e098d32bbd417d0589e369255c97c4a1036ec16231a2f7ac231b3d587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
565564
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4763
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Dec 2022 21:01:23 GMT
expires
Sun, 17 Dec 2023 21:01:23 GMT
last-modified
Fri, 09 Oct 2020 18:41:05 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A4FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_vjT1iurz3N-3qU3Uru0EBM8MvK5mbW5GQqoQ2IEZYrqHwScKXgsXrEDVq8QwHt821ZIkiHuGiGjvVWvG8S6LZN8dmYTthIUPPAeXb1fCQpQtslr-vTGqa7pstZq7-4jSm8hDyFMMld_FSy7DIA9J_cE&sai=AMfl-YT47y1AUILcq5OHpQvMe0dIf1K9gTaUMRRhCFojwUWMM7B6pvuAjlEjfcgC-LWClIyPoMd_i6qMcV7Eh0-bp7h125WUsiUeYLpQy0XI&sig=Cg0ArKJSzD4qdTw8NIiUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3171&cbvp=1&cstd=3167&cisv=r20221207.13204&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:27 GMT
dcm
beacon.sojern.com/imp/ Frame A4FA 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=3973708468614784229&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=240739685&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsxkp&e=1971603729092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 812D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
a291547a-73b7-402f-b439-12878b8ff661
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5F16 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
43ea2acf-fb66-4ed9-8409-17ac17b2400b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F81C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0c8f98d3f54dfb5f383cd071437a29efc5f6ff441adbaa13dde93ada94439ff

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887b2aaee9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl2%2BNQeKWIoWpAT0ixnchB08HN7mYPy1nZHOzgFCP2lNMg8sU2xpfgBXBaqLSjCl65NWtj62eSxHD%2FdvYtYq6oKkR78FBIvfGQsgX6%2B%2FflU9OXSkU42Yk7V5Y0TKgPRuUpXTW3kt67fKAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 374D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
f1d2573f-6d7e-45bc-8824-078bc253ec3d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BD49 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
ce1112ec-bf2a-4349-9497-8e6f1d00e77c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8B30 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be8a722414a0d18b1378edf9c57ee6b6ed3648a7c607599f03b4e22c79fba43

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887b2bb149a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D0nd6F%2F61%2FWrvaT5e%2Bm52roFbqVu3YSkh4kMR4TKyRzOgvpbcvrh5zdKyRsaGygvP3zKp7lvAm7gKnICNP425ju16uaEUC8Rfn%2F5TGDDWdKs8AKuEmDNnMeSEzbXYgIhdX4CPfLVs4o8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 1298 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
8d797389-9864-489b-b875-ddd7ca187d15
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
choices.trustarc.com/ Frame 8045 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=345246278&js=pmw1&base=te-clr1-3652e3cc-93e7-4fe3-8ecc-5901eff74087
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=728x90&c=345246278&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
6069823aed04fc7f7ccce86d78cf19f5c0336bacb392c60131f591582e665085
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2365
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
JpL-B9-vR3wE1q-cJ8KzLhR5sJxTqR2UNXjQIgRfP2_uyWs0SnRwMg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 8045 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=345246278&js=pmw2
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=728x90&c=345246278&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
cgEAZePTtQuuugxpUpI0AGFuuys4TLopZmszzIqP0_81MyF0jpoYTw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 8045 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=f1d1
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cigritfmlj&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
hCRUbPb0n2pWiXdhos09vdn7NlAQcKRhzICMqAp2NHItOMaruKMYhA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 507F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9355b9cf9c1a25ea40d095f828620a90fda18324d90439bbc7f54f19578614b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887b2cb4b9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtSVLdhk4YhgG8XnuWsbcYdsSRde0wBPf%2BcW83nPxFZCQ%2FPRcyvBjwBuM1UdFQdqDLae3mUa0Gdih6C6z1qzbMv6v2%2BeUBX69AoEVEknML9OyGcjrhC2KrF83pZ8sYzd%2BDxJ%2FkqGPMlqBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
skeleton.js
static.adsafeprotected.com/ Frame 90BF
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?737021620&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js?737021620
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?737021620
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
N6xiiYJ4g9XhBKOj63XE8AR7YtyJ6aIzXAjQGhX_seDGk5Tds9Wt1w==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?737021620
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A4F5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
yA3cTuGprWzd0Y_TC01UngfEKXvgzKao7lJ4guJhGs7DUHw9tCm-Lg==
async_usersync
ib.adnxs.com/ Frame 3349 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
5f441be5-8893-4c63-a96b-d6c0db87990b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1A52 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d545ba9f93c7f54b316be6bbd4e44275f55bee3204ca87b7e9c9a25ac36d875e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887b34c239a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug%2BzjvsIEoQdq43s2slBuS1TNQXZUB1Qt%2FvUCk9g04zMyz69Gu8TiBaJHER7JXRfaVqrBTI4BK0Z3NCXIO5UAUmwKYdlR0SV62gHlXJBUMg%2Fs745mAfoljOLpIU26k8YtYT9Exb6mzn1hg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ca
choices.trustarc.com/ Frame 3516 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=1238630086&js=pmw1&base=te-clr1-827980b0-d124-4647-88fc-fa0888adf208
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=728x90&c=1238630086&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
efe1e7b15f88d62feac06c1937e1c209f3e3b2c3af373d2fa8d10110a6e86028
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2364
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
LJgjySHpDDs0m78dRPx9yeFO6Of0M9QyVQIs-2MTa99bGZTZpOFhcA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 3516 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=1238630086&js=pmw2
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=728x90&c=1238630086&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
98LFPFP-u_Y4oG3Bj3B80Y3UYaLL4PYrQf_2YIEXs9WVRkFgPayJwg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 3516 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=a68d
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=uffdafdut&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
fo6ETs31KMgdwA7RvU91EYLRm0d2IoN6XPSPRKal3uaZUbm2LxNyDg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame D995 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f40032553c268e7e3f27c21a7f55ce5533bfb719025ece68b9dc683b85eb42

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887b35c469a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omSqU9YHaLpMhovggntBoZYh%2FrUlmaD2ZLhckc4laFQXO6seb3b7s9CQ9Ahs1ze9U0FVC3A7zsacH2x5eRDexAIe2WC9hozjuREThedI1pYGat%2F9ya%2FXCvSqLepTIOZuhQULI%2FMIxQWTqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 3E31 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
9a5558c7-b024-4b38-9ad6-ef7aba4db5ac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
choices.trustarc.com/ Frame BE2C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=1988710481&js=pmw1&base=te-clr1-ecbe2e9e-fc1e-4104-bc68-b5d58634b61c
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=728x90&c=1988710481&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
f8b8e23bfd5699e4dd79615cd60cb3f4d74128b6a68027fe83a20cb3087f4c13
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2365
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
9C93vmDZzVzL92WEXzrCoav1b-ya0oeDskZWkDVxUy31NWSjHhfs8Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame BE2C 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=1988710481&js=pmw2
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=728x90&c=1988710481&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
mAkfjLP0uwfXXsDuvZtmGDD5ihvIBL6tY7ONG6AbtRBTfp4KAf_F8Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame BE2C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=728&h=90&c=7362
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cqjing&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
D5BqES4asc4IeM0Cx8RuOoQxT70-F7hCyQo2vz293Y1ce2k_0qJ16g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E9D0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfba05b50aad070a5a31aa5b3f3818b31423060f0376fc3c42eea394a13d4ed

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887b38c7c9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSeggkzMPlVVj0prizteN0M2aPgDWPrkH9az6NMDkLx%2BcPrhtq6vNQTxBigXWgFJiWE8zPZOpVzUgRsny2L90mFUxTvhOkCvqr3k%2FY7bequLmNmyBiSB6nNc6fTYdFIt6m2%2Blimc0OucWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 3EFE 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
f635ad16-56fe-4bb8-9ece-76a6ec0a424c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9FBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=4286651786911341&rc=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5809 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5n9LmgH1yKny-5lZMARCMoW7OIE60QhnwbJWSrKOrDi5h4jF-kX0QA==
mon
pixel.adsafeprotected.com/ Frame 3A7C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930248&advId=1694368&campId=5249020&pubId=10264&chanId=1654713&placementId=7337&planId=17801719&adsafe_par&impId=5074709440084529340&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsqwwysn%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:9d7b8e3d-18ac-083d-530b-71e179fb993e,c:xHUz8q,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-f2hlb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1950,mot:0,app:0,maw:0,fm:tqVxbol+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.930248%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1n1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1997,oid:c12ebf34-8372-11ed-828c-ee86caa0c292,v:19.8.377,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
crum
dsum-sec.casalemedia.com/ Frame BC31
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086047
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame BC31
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=488
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame BC31
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x28 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:27 GMT
bridge
cm.adgrx.com/ Frame BC31 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame BC31
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=481
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BC31 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BC31
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame BC31 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame BC31 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5291
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b97f552c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:28 GMT
crum
dsum-sec.casalemedia.com/ Frame 55E8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=488
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8874ED5CEE8940DDB1B8506056D965E5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 10:07:27 GMT
crum
dsum-sec.casalemedia.com/ Frame 55E8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bPWOa4eXFjFoTtryyD1wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=480
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtoEg0zw9AuV8qnWchS9f8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 55E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWtgjcbo9EGjI6mg7c83sZjY8svjUUE08TzmbBpLXNLagjlH1fSwmESZt5hwUbQf2ftsx3di0o%2FDtM2PkvZBKBhPPpXcQhwyvr%2B8QGutJwiSE04J3%2FZ5d7yeQ9qV4TKA%2FV6v%2BqB5ykB8CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887be49d49a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 55E8
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=484
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 55E8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=488
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:27 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 55E8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bridge
cm.adgrx.com/ Frame 55E8 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 55E8 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 55E8 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5291
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b97f5a2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:28 GMT
dcm
s.amazon-adsystem.com/ Frame AE67 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EJPRT6KVRTX4YT005FSK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AE67
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=486
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AE67
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=480
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220080-HHN
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671876448.240897,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tp_out
d.adroll.com/cm/index/ Frame AE67 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame AE67
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RYkEgvCERJBzmmKJkidp_FD_B2w
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RYkEgvCERJBzmmKJkidp_FD_B2w
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=487
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RYkEgvCERJBzmmKJkidp_FD_B2w
Date
Sat, 24 Dec 2022 10:07:28 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame AE67
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQj%2FJL1tGBFyiwfMvpmtaaeEAXurED%2BKnPIGASDJDEBobfJ6KXGcfdDPZ4Gu4tBQ0U%2BrkKPPVrT6jHclFedBjLlzC9J0jWZ5KDiztn0asvu08SPogU5lX8424CzktIe7UTBnhgJi2kxxTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887be49d59a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame AE67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame AE67
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=484
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
htw-pixel.gif
cdn.indexww.com/ht/ Frame AE67 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5291
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b98f642c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:28 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame 84EA 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
crum
dsum-sec.casalemedia.com/ Frame 1C23
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Sat, 24 Dec 2022 10:07:27 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 1C23
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=484
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 1C23
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=488
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usermatchredir
ssum-sec.casalemedia.com/ Frame 1C23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqv9pnOmHq7f%2FB54xhcvQGfw01FnErNuykU2%2F%2B9%2BnLDmLZ9P4VgRoOOg8ySrM%2BB2Fa7X1H4nlWBY2%2Fpr43bMcWF8Gn3NMaj31iVcFarasap1WENgS2hN76QrhblqJjlOk%2FLE8WGtRwtIIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887be49d79a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1C23
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 1C23
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 1C23
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=7d2a33d9-288a-4a0a-9f0d-22b46e993a01
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=7d2a33d9-288a-4a0a-9f0d-22b46e993a01
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=7d2a33d9-288a-4a0a-9f0d-22b46e993a01
date
Sat, 24 Dec 2022 10:07:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
ie
match.prod.bidr.io/cookie-sync/ Frame 1C23 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1C23 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5291
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887b98f7b2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:28 GMT
skeleton.js
static.adsafeprotected.com/ Frame A931
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?14052602&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=htt...
  • https://static.adsafeprotected.com/skeleton.js?14052602
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?14052602
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
hhIFG3IYrkIYapIKMhg-W-BQQj00uUvQynQ1JZ4mDPeB1E4cRfTKlg==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?14052602
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5F0B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
tmQbS9iXG8oBry6fJMnRhUCd1bR9ZBxlj9QybE3uquBLwDzn5Pr9Zw==
impl_v92.js
www.googletagservices.com/dcm/ Frame 3D32 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
eum.min.js
eum.instana.io/ Frame AD68 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cb16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
age
91692
etag
1562908762--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
cf-ray
77e887b558fd2bbe-FRA
nvi
www.parship.de/nocache/ Frame AD68 		15 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID&ref=https%3A%2F%2Fflashnetic.com%2F
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cf-ray
77e887b4ad149036-FRA
content-length
15
skeleton.js
static.adsafeprotected.com/ Frame 9393
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?552641338&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js?552641338
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?552641338
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
8zO0sCCeidTKujle1sZDVXIYBCzmMVsivPiXzuePUwH1O_3tkWSR8g==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?552641338
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 216D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
4jDbxLMz9PPLMUJfrAe7LDqJqFb2g1-tJYQfzpgbU9NybsTQAGfHbQ==
skeleton.js
static.adsafeprotected.com/ Frame 9936
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?816239869&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js?816239869
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?816239869
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
O8RJodpr2ezkRc7kh726PRVyEhI9QbXCx4vJt9ufHKBIjIZPzNaalQ==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?816239869
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0734 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
RqFcv_IasQ6Dj6mZOcGGLLBjyrGqKd5mfO0Fcqjk6xKzbQSVKCA62A==
skeleton.js
static.adsafeprotected.com/ Frame 96B2
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?540482748&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js?540482748
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?540482748
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
b3lgvYtCCHsZk6TpcLpDFp8Z4zXqEED2aFHUhNtyZTlHTj_SknTPcQ==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?540482748
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A1A0 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
qkcZwSMQz7T6SI45ip4MRToBRghyIXUtCl5M6A4Ue54OBaRD81zCYQ==
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4FE9 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
aQIdHIE2Q_zNdokOgxrxyPZztYuLr1eTfA1jXdyDM3rx490hd4ld0g==
mon
pixel.adsafeprotected.com/ Frame B5EE 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930248&advId=1694368&campId=5249020&pubId=10264&chanId=1654713&placementId=7337&planId=17801719&adsafe_par&impId=5752709546234191296&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fflashnetic.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgsuhtufxa%26e%3D1535582086632&adsafe_type=bed&adsafe_jsinfo=,id:9e0a00f4-a1e9-4383-2735-964ffd17cedf,c:xHUzdD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-dmdz5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:2105,mot:0,app:0,maw:0,fm:tqVxbre+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.930248%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1o1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:2142,oid:c1383542-8372-11ed-bd36-6ac13e99dba1,v:19.8.377,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9366 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=etmctaf&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53035
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:27 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 266398
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220029-HHN
X-Timer
S1671876448.762682,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame D573 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLjDPBMYwYAAAMA1gAFAQjWnpudBhDw-NC55ZavvgUYja-4qpOZ7ppWKjYJ8FAU6BN5gj8RRiAgmBGJez8ZAAAAgBSu5z8hRiAgmBGJez8p8FAJJPCaMQAAAEDheoQ_MPmGhQw4mFBA6j9IAlCV4uuxAViezX9gAGix8pcBeL3YBIABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCAyOTQwNzg5LCAwKTt1ZignaScsIDQ4MjM5MzAsIDApO3VmKCdnJywgMTI3MjgyNzIsIDAJKfCacicsIDM3Mjk2MTU1NywgMCk7kgKlBCFEbVpHTndqSWhOUVZFSlhpNjdFQkdBQWduczFfTUFBNEFFQUFTT29fVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkR6aUNNWDk2Z2pfQkFRODRnakZfZW9JX3lRRUFBQUFBQUFEd1A5a0IBCgEBdDhEX2dBZnEycGdMMUFjM016RDJZQWdDZ0FnRzFBZwEiBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsR1VrRXhPalUyT0RIZ0E0Z3dnQVRyMzhVRWlBU1h0c3NFa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJiRXNxUVZJTXhaTlp5ZnVQN0VGGSAYREJCWnFabQECQGJrX3lRVUFBQUJBSGhtM1A5MigABFpCEWfAUEFfNEFXR0JfQUYwTy1JQnZnRjliNnpBWUlHQTFWVFJJZ0dBSkFHQVpnR0FLRUdtcAVeMFp1VC1vQmdTeUJpUUoZgARBUh0MAFodDABoGQxAQzRCZ28umgKZASFYQlpFVmc6KQIoSjdOZnlBQUtBQXgZbVA4NkNVWlNRVEU2TlRZNE1VQ0lNRWsNVAxEd1AxPSQARhEYDEFBQUcRGAxEUVAyHRgASBEYGEFBQUhnQWkuPQLAdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEQoGQURWX0lEEgcyOWU9NPICEgoGQ1BHX0lEEggxbSkY8gIKCgVDUAEUGAEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAARCSA8Q09ERRIFMzM2ODTyAiMKCAFWBRQYFzAwazM5MAEBTHFmWDJ2QUFFX2RlXzXyAgsKB0NQCSUcAPICEAoFSU8BdTgHNDgyMzkzMPICHQoHSU8JIQwSMDA2DUZgdG5ZYXpBQUXyAhMKD0NVU1RPTV9NT0RFTAE9FADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8JoBMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo1Njgx2gQCCAHgBAHwBJXi67EBiAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBferGfoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBugp2gYWChAJERkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHvdgE0gcNFWQBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=db3b2ff366d865ee7825f3654e33f79538a734f1&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Detmctaf%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Detmctaf%26e%3D1971603729092&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=etmctaf&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
21e8106f-0216-480f-9f33-86c83c12ef4b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F597 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
0c79c30e-e9e8-4048-8820-d6de887b479b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 699A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
6d83acca-02d4-44f6-8978-7d39606171a1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trackingPixel.gif
s0.2mdn.net/10322040/ Frame 37B9 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10322040/trackingPixel.gif
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2419;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:59:53 GMT
x-content-type-options
nosniff
age
79654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 20:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 11:59:53 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/xfa/ Frame 37B9 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2419;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaf79049653fecc62abee09c76d41c400f586396fb35804ccdb23d980a80154d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
29993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3876
x-xss-protection
0
server
cafe
etag
13168786668991128301
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:47:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 37B9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2419;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=3f7b216e-2265-fe8c-d694-beffe1a4ac1c&tv=%7Bc:xHUzeX,pingTime:-6,time:4764,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:4764,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:3730,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1084~0%5D,as:%5B1084~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaMf+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.992712-61653181%7C1n11%7C1n12%7C1n2%7C1n3%7C1n4%7C1n51%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1n1*,rmeas:1,rend:0,renddet:na,siq:3732%7D&tpiLookup=ao:forward.com*%2Cflashnetic.com*&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=83f3ab22-d8e3-dcc6-a856-f4ed86a77a42&tv=%7Bc:xHUzfb,pingTime:-6,time:4764,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:4764,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:3778,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1024~0%5D,as:%5B1024~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaMf+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.992712-61653181%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1o1*,rmeas:1,rend:0,renddet:na,siq:3779%7D&tpiLookup=ao:forward.com*%2Cflashnetic.com*&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vevent
fra1-ib.adnxs.com/ Frame 2F0C 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKmCvBMJgUAAAMA1gAFAQjWnpudBhC70IvWsNemgCEYja-4qpOZ7ppWKjYJMUJ4tHHEij8RIJMq4A7zgz8ZAAAAgD0K7z8hIJMq4A7zgz8pMUIJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCGrN9yWJ7Nf2AAaLHylwF4yoQGgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNDgxOTI1OCwgMCk7dWYoJ2knLCA1NDQxNjc5LBEUMGcnLCAxMzk5Mzg0NiwRFShyJywgMjQwNjM3NA0W9BcBkgKlBCFwR2l1bHdqbjRwVVhFSWFzMzNJWUFDQ2V6WDh3QURnQVFBQkk2ajlRbDRlRkRGZ0FZTDBHYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFNmlZZEM2OGFLUDhFQk9vbUhRdXZHaWpfSkFRQUFBQUFBQVBBXzJRRUFBQUFBQUFEd1AtQUJqNUhNQXZVQnpjek1QWmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VaU1FURTZOak01TmVBRGlEQ0FCTXUyd3dXSUJNeTJ3d1dRQkFHWUJBRzZCQm9JaFFRUkFBQQGaEEEwRDhaBQkJARxnZ3NhTERzRRGtFEEwRF9KQgkcBQEUMkFRQThREdlgQUFBSWdGLXpHcEJVZ3pGazFuSi00X3NRVQEaCQEYTUVGbXBtWgECEHVUX0pCATscSUJTdk1BXzAuKAAITmtGCTHIQUE4RF9nQlpzSzhBWDJqdFlHLUFXNmtxWUNnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQhXLDEFBQmsZGABDHRhETGdHQ2cuLpoClQEhRGhZbU5BNikCKG5zMV9JQUFvQURHGW1Mem9KUmxKQk1UbzJNemsxUUlnd1MB3QEBDFBBX1URDAxBQUFXHQwAWREMDE5BX2ERDAxBQUFjHQwQZUFDSkEREPDQUEFf2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOODE3MCNGUkExOjYzOTXaBAIIAeAEAfAEhqzfcogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAJDnDYBQHgBQHwBbTKKPoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AboKdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8qEBtIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=a2b2c74708a0eb85d3df029ddf7b9878887fed88&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
51e35ff2-0fba-43a2-a22c-b74aec23b780
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7AE1 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
82455ff3-08a3-4d63-b2c1-cd0438e8c06d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
main.19.8.377.js
static.adsafeprotected.com/ Frame 0E9D 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?951933410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
roiR2z8XuVA6kfKXGXaVF3UcHAOOqeILyQdZ6zHoU7oeQUA-Or40Dg==
main.19.8.377.js
static.adsafeprotected.com/ Frame F2A8 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?420702640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Z84zrZ72Awcti-EqMYm_mgDKddk64KQiWGZTwRZNJRBwNK1CxcykQQ==
async_usersync
ib.adnxs.com/ Frame 1D9A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
0ad26266-f609-45dc-b044-414a11b86fc4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1352 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
2d6e3bc8-40c9-4eab-851d-d872c49bca31
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B4FB 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
0a10053c-1736-4b7f-9d7b-bb597f2b7ae1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
imagesrv.adition.com/banners/268/01/02/b8/23/ Frame ED3C 		44 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/02/b8/23/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654246685453%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955427%2526c%253D12559%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
ccc65bc681d65000a02734fff2f15dbb45651a7fbb83e2380580952a02d6da89

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
10601
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
etag
"858906904-br"
last-modified
Fri, 23 Dec 2022 21:25:08 GMT
vary
Accept-Encoding
skeleton.js
pixel.adsafeprotected.com/rjss/st/1218281/67368266/ Frame BCC6 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/1218281/67368266/skeleton.js
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/banner?sid=2885601&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787252%5F17071377&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b46860f4ea39a432f8d6bbe86a781edef43dfdaa39037b5df14d32f83c955e91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
B28713148.352526337;dc_pre=CIjpno6BkvwCFdqHdwod1wQODw;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654246685453;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=...
ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/ Frame BCC6
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654246685453;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CIjpno6BkvwCFdqHdwod1wQODw;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654246685453;dc_la...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CIjpno6BkvwCFdqHdwod1wQODw;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654246685453;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kwqcltffp&e=1971603729092
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CIjpno6BkvwCFdqHdwod1wQODw;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654246685453;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.aspx
m.exactag.com/ Frame BCC6 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=87&extPu=amex-adition&extLi=5572862&extPm=2885601&extCr=16955427&gdpr=0&gdpr_consent=&rnd=7180654654246685453
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/banner?sid=2885601&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787252%5F17071377&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Sa, 24 Dez 2022 10:07:27 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1250
Expires
Mon, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E27E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
289734
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4E46 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89bf2bcb6de7fdf72a86e7965ee86e57e34fa7a5cc3ee6ca7a369fcb69cfd03e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XFRe1_i7DHflaP6oG85vxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-XFRe1_i7DHflaP6oG85vxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
Sat, 24 Dec 2022 10:07:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
main.19.8.377.js
static.adsafeprotected.com/ Frame 434A 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/992712/61653181/skeleton.js?618329399
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
S6V5QIpjL4vSO6XayKrSMWQG6P_iH0ScWss149xDWbA8-rIuaj6fTQ==
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame 6393 		753 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/02/b8/18/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654649941363469%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885600%2526kid%253D5572862%2526bid%253D16955416%2526c%253D64632%2526keyword%253DPACS%25255F4787253%25255F17071378%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/02/b8/18/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654649941363469%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885600%2526kid%253D5572862%2526bid%253D16955416%2526c%253D64632%2526keyword%253DPACS%25255F4787253%25255F17071378%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6393 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/02/b8/18/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654649941363469%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885600%2526kid%253D5572862%2526bid%253D16955416%2526c%253D64632%2526keyword%253DPACS%25255F4787253%25255F17071378%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 10:07:27 GMT
ifr.php
delivery.advanseads.com/1.0/ Frame 4067 		54 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Requested by
Host: cdn.advanseads.com
URL: https://cdn.advanseads.com/content_server/1.0/adv_jstag_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.100.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-100-168.compute-1.amazonaws.com
Software
/
Resource Hash
9721cc04ee719a10350d15df02d54a37244cc053b32fa94f85bca830c44419ca

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
ffeadf2b251df090620933ccc12e6237.js
s0.2mdn.net/sadbundle/1849230996232346937/ Frame 2235 		86 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1849230996232346937/ffeadf2b251df090620933ccc12e6237.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1849230996232346937/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ea6e25e82afe4fc795fcd8184cf2605bd3b0724ce681d9d92e79f909c6ad4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1849230996232346937/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
506650
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22497
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 12:50:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 13:23:17 GMT
index.html
imagesrv.adition.com/banners/268/01/02/b8/22/ Frame 3DCE 		42 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/01/02/b8/22/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654252321549%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955426%2526c%253D27139%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5598192ff661dc84c44a90a1eae1cf947fa0d7ca4358b46a3be7bd4da71f98f6

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
12210
content-type
text/html
date
Sat, 24 Dec 2022 10:07:27 GMT
etag
"2108135990-br"
last-modified
Fri, 23 Dec 2022 21:25:07 GMT
vary
Accept-Encoding
skeleton.js
pixel.adsafeprotected.com/rjss/st/1218281/67368266/ Frame 9A69 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/1218281/67368266/skeleton.js
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/banner?sid=2885601&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787252%5F17071377&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.4.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-4-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ede5ba0b35e51af2734737e1c0087a0be1ed3cba1250838441a51624d3290313

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
B28713148.352526337;dc_pre=CJHwo46BkvwCFajzEQgd3qMHQQ;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654252321549;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=...
ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/ Frame 9A69
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654252321549;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CJHwo46BkvwCFajzEQgd3qMHQQ;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654252321549;dc_la...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CJHwo46BkvwCFajzEQgd3qMHQQ;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654252321549;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tnpxzjf&e=1971603729092
Protocol
H3
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B28713148.352526337;dc_pre=CJHwo46BkvwCFajzEQgd3qMHQQ;dc_trk_aid=540623886;dc_trk_cid=180161300;ord=7180654654252321549;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.aspx
m.exactag.com/ Frame 9A69 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=87&extPu=amex-adition&extLi=5572862&extPm=2885601&extCr=16955426&gdpr=0&gdpr_consent=&rnd=7180654654252321549
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/banner?sid=2885601&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5572862&kw=PACS%5F4787252%5F17071377&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:27 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Sa, 24 Dez 2022 10:07:28 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1250
Expires
Mon, 26 Jul 1997 05:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F81A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
6f83a83f-e581-43da-8279-0863981700e2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame 07FC 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
async_usersync
ib.adnxs.com/ Frame 87D9 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
cd85ffa4-9c98-4832-bde8-dc5dfdc63a06
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 45A5 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
8bf71cc9-ef0f-4ccf-acb2-89d423f13fb8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6800 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsxkp&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53036
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:28 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 270313
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220093-HHN
X-Timer
S1671876448.005656,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame A4FA 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLdDPBMXQYAAAMA1gAFAQjWnpudBhDlyfuFx9nckjcYja-4qpOZ7ppWKjYJpk5AE2HDgz8RinaU0Wh1fT8ZAAAAgBSu5z8hinaU0Wh1fT8ppU4JJPCBMQAAAEDheoQ_MPmGhQw4mFBA6j9IAlDlyuVyWJ7Nf2AAaLHylwF4rIgGgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDQ4MTkzNjksIDApO3VmKCdpJywgNDgyNDc0MRUULGcnLCAxMjczNDk3MRUVMHInLCAyNDA3Mzk2ODUFFvQXAZICpQQhSDJ0cVF3aTkzTlFWRU9YSzVYSVlBQ0Nlelg4d0FEZ0FRQUJJNmo5US1ZYUZERmdBWUwwR2FBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRSFBFS0RWX01HRFA4RUJ6eENnMWZ6Qmd6X0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCcGIybUF2VUJ6Y3pNUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TmpZeU1lQURpRENBQklmcnhRU0lCTmJ3eXdTUUJBR1lCQUc2QkJvSWhRUVJBQUEBmhBBMEQ4WgUJCQEcZ2dzYUxEc0URrRRBMERfSkIJHAUBFDJBUUE4URHZYEFBQUlnRjNUT3BCVWd6RmsxbkotNF9zUVUBGgkBGE1FRm1wbVoBAhB1VF9KQgE7HEVCN3NyZ18wLigACE5rRgkxyEFBOERfZ0JjVUg4QVg3bzRrRy1BV3BrNllDZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbQVeMG01UDZnR0JMSUdKQWsRSwhBQUIVywxBQUJrGRgAQx0YRExnR0NnLi6aApUBIWxoWnFhZzYpAihuczFfSUFBb0FERxltTHpvSlJsSkJNVG8yTmpJeFFJZ3dTAd0BAQxQQV9VEQwMQUFBVx0MAFkRDAxOQV9hEQwMQUFBYx0MEGVBQ0pBERDwQ1BBX9gCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhEKBkFEVl9JRBIHNDgxOTM2OfICEgoGQ1BHX0lEEggxbSVE8gIKCgVDUF9JRBIBMPICDQoIATYMRlJFUREQHFJFTV9VU0VSBRAAEQkgPENPREUSBTUwNTQ48gIjCggBVgUUGBcwMGszcDABAUxzZWJCSUFBWV9kZV818gILCgdDUAklHADyAhAKBUlPAXUMBzQ4MmHCGPICHQoHSU8JIQwSMDA2DUZgdWRiNk9BQVHyAhMKD0NVU1RPTV9NT0RFTAE9FADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8LABMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo2NjIx2gQCCAHgBAHwBOXK5XKIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGCSQo8D_QBugp2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHrIgG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=a7f931cb7aaa68695d87eb28aa40e81b526ce94b&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxsxkp%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxsxkp%26e%3D1971603729092&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsxkp&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
8274bd61-183a-4cdd-8f2c-9f87a4dd5bb3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 69B7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64189
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
async_usersync
ib.adnxs.com/ Frame 094D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
AN-X-Request-Uuid
ede81bb2-2440-439a-8766-0fa343d23df1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C861 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
446f0640-8005-417c-a24f-af13b2b3909b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame 4ABA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=1051987&width=728&height=90
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/23684/436810/2500852-2.js?&cb=0.030256539936127647&tk_st=1&rf=https%3A//forward.com/news/529130/george-santos-jewish-lie-genealogy-records/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=436810_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6390d276-1540"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
58b92a84-8063-482b-b65a-28d55754d8ce
beacon-ams3.rubiconproject.com/beacon/d/ Frame 4ABA 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/58b92a84-8063-482b-b65a-28d55754d8ce?oo=0&accountId=23684&siteId=436810&zoneId=2500852&sizeId=2&e=6A1E40E384DA563B33E46D081878A4E877EE57AADCD8B994E328C4FFBD9B5FCFBDDF97B4561DA33B46D05068B8D45307FE5D718BBE08EF1C171DFAE954AA70579CEDF4142CB25441FA63250383C10C3663AF685AF18256F37A6ABEA508E1EE14654A7001BB33AB4318C49120C34F5AD4109478760DFABCFE32997889F1DA11D8
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame DB03 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=1051987&width=728&height=90
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/23684/436810/2500852-2.js?&cb=0.5479920848295696&tk_st=1&rf=https%3A//forward.com/news/529130/george-santos-jewish-lie-genealogy-records/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=436810_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6390d276-1540"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
f4996d27-44b8-4bb7-8a80-019373199e07
beacon-ams3.rubiconproject.com/beacon/d/ Frame DB03 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/f4996d27-44b8-4bb7-8a80-019373199e07?oo=0&accountId=23684&siteId=436810&zoneId=2500852&sizeId=2&e=6A1E40E384DA563B128EAED1CE068C0AA8C2B6EC84028DC08CD70EA3288F8ED30093C522CE9696D6C6255645A7A0CFE97A3220A15E3EC91D5EF3ED86272485E79CEDF4142CB25441FA63250383C10C3663AF685AF18256F37A6ABEA508E1EE14654A7001BB33AB4318C49120C34F5AD4109478760DFABCFE32997889F1DA11D8
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:27 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
cm
ipac.ctnsnet.com/int/ Frame F9DC 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame A2B3
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=nkh8gtcfmc1h
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 24 Dec 2022 10:07:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 24 Dec 2022 10:07:26 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame A591
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8874ED5CEE8940DDB1B8506056D965E5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 24 Dec 2022 10:07:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 24 Dec 2022 10:07:27 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync
x.serverbid.com/ Frame 5B80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Sat, 24 Dec 2022 10:07:27 GMT
p
a.audrte.com/ Frame 36A3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
52.203.53.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-53-149.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 36A3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:32 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:31 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 36A3
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&addseg=19,36,42
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Sat, 24 Dec 2022 10:07:29 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame 36A3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
16fe90b30c6d941080e5add8a1fe40af.js
s0.2mdn.net/sadbundle/12888370925857180031/ Frame 9442 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12888370925857180031/16fe90b30c6d941080e5add8a1fe40af.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12888370925857180031/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feaa404ec0eb3142b2867b271a772f018cf2b23fccef10cb0e572fda23315715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12888370925857180031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 13:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19324
x-xss-protection
0
last-modified
Fri, 09 Oct 2020 18:41:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 13:32:17 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B8FD 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame B8FD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=483
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum.casalemedia.com/ Frame B8FD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
43 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLu%2B0z2lgmiZk9tid8iV0MVHArtiREWFtiSmjcLy6vi55q98BUwvG%2Bzn2R2BCDAnQB2PS2sU6LlY3zgDG1zeGTDI0WJeqDira2Tj238fHBpl%2FD1wMTrPc3y%2BYMEDBvjTcGWU0nMc"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887c0bff3bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b995bf38-a8ff-42b3-824f-6c12ebaaa9f2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6212074435349714829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame B8FD 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203
dpm.demdex.net/ Frame B8FD 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7NVuTthrRww=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
bridge
cm.adgrx.com/ Frame B8FD 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame B8FD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=478
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame B8FD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=479
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:27 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame B8FD 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5291
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887bc5d922c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:28 GMT
rum
dsum-sec.casalemedia.com/ Frame F81C
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f6ffb3ed-04a2-46b3-a84d-d3dcf9a4c8e4&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f6ffb3ed-04a2-46b3-a84d-d3dcf9a4c8e4&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=482
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f6ffb3ed-04a2-46b3-a84d-d3dcf9a4c8e4&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 24 Dec 2022 10:07:28 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame F81C
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=477
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame F81C
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=484
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:28 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
bridge
cm.adgrx.com/ Frame F81C 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
ix
ad4m.at/ad/sim/ Frame F81C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame F81C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=486
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Sat, 24 Dec 2022 10:07:28 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame F81C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=487
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame F81C
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=e7d8f2df-e1d3-4cf3-a977-5b1cb182a8ae
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=e7d8f2df-e1d3-4cf3-a977-5b1cb182a8ae
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=e7d8f2df-e1d3-4cf3-a977-5b1cb182a8ae
date
Sat, 24 Dec 2022 10:07:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame F81C 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5291
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887bc6da42c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:28 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8B30 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 8B30
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3e802f9b-a34c-4e29-9cad-14b061c7e393&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3e802f9b-a34c-4e29-9cad-14b061c7e393&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=481
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=3e802f9b-a34c-4e29-9cad-14b061c7e393&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 24 Dec 2022 10:07:28 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 8B30
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=481
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 8B30
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=485
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ie
match.prod.bidr.io/cookie-sync/ Frame 8B30 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8B30
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=476
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:28 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8B30 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 8B30
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=46589e70-2234-4472-9872-c934331612eb-tuctaa054e0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=46589e70-2234-4472-9872-c934331612eb-tuctaa054e0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=485
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=46589e70-2234-4472-9872-c934331612eb-tuctaa054e0
date
Sat, 24 Dec 2022 10:07:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40696
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8B30 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5291
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887bc7dce2c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:28 GMT
crum
dsum-sec.casalemedia.com/ Frame 507F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7236359441748730540&expiration=1673086048
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 507F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=1bPmf4DmsivOs-Z91biqeNC0tnnOt-Yv0LOwaNNR
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203
dpm.demdex.net/ Frame 507F 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0826e4ce6.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
645L/QUoRvg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum.casalemedia.com/ Frame 507F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=755320ee-2727-4208-8ed9-6b19251e856a
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
43 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtY%2Fv%2B%2FvStfcEFRZNxbL19og8J8dinbZzLyeVWKIaUIITiG3mnIa7U5BXp677g4jbby8FFFkOpMYuBqXxXlLt9ysdt82l7oF9tIz6enaxkIdvXecR8NvXWsPfiJrJypckXtx9Tmm"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887cdfd74bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 507F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=486
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x32 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:27 GMT
casale
match.adsrvr.org/track/cmf/ Frame 507F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 507F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=478
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0f25e10db9e73ae52@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 507F
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962848
43 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962848
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAetyX0wWcfQStbYX4h%2BjlqyNGvaWc0wOc7D6q2r6yAAmfKUpvbbkM71kFB6xFuOHA9iKepdbQdj5UgWptD0RHtXjYOmxkkE1f8FRjKmj6CrkCXJR0ggwUewIZMWikJy%2BGTboTiT"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887c0d83cbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962848
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 507F 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5291
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887bc8df12c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:28 GMT
dt
dt.adsafeprotected.com/ Frame 90BF 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=49e132d2-5ad6-58a6-64ce-f1e52a531ee1&tv=%7Bc:xHUzko,pingTime:-6,time:5362,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:5362,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4491,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B927~0%5D,as:%5B927~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11q21%7C11q22%7C11q23%7C11q24%7C11q25%7C11q26%7C11q27%7C11q28%7C11q29%7C11q2a%7C11q2b%7C11q2c%7C11q2d%7C11q2e%7C11q2f%7C11q2g%7C11q2h%7C11q2i%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4%7C11t1%7C11t2%7C11t3%7C11t4%7C11u1%7C11u2%7C11u3%7C11u4,idMap:1j1*,rmeas:1,rend:0,renddet:na,siq:4493%7D&tpiLookup=ao:forward.com*%2Cflashnetic.com*&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
p
a.audrte.com/ Frame 57FA
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
52.203.53.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-53-149.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 57FA
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:32 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:31 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=88A45D14-ACF1-42C5-8783-39F4189AF5BF&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 57FA
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&addseg=19,36,42
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Sat, 24 Dec 2022 10:07:29 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
mw
mwzeom.zeotap.com/ Frame 57FA
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1b90a1569453975cc12b2b57c50aa752&gdpr=0
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=7236359441748730540&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=e5cc4c2eac971790
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d65aec00-c6de-473e-7d58-4e7e5626a8cd&reqId=1e0fda63-c940-4001-580a-e08bd117d955&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEF2GDsafLzPmU-3i4K3wCDU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d65aec00-c6de-473e-7d58-4e7e5626a8cd&reqId=1e0fda63-c940-4001-580a-e08...
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEF2GDsafLzPmU-3i4K3wCDU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d65aec00-c6de-473e-7d58-4e7e5626a8cd&reqId=1e0fda63-c940-4001-580a-e08bd117d955&zcluid=e5cc4c2eac971790&zdid=1332
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77e887f06e932bf1-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEF2GDsafLzPmU-3i4K3wCDU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d65aec00-c6de-473e-7d58-4e7e5626a8cd&reqId=1e0fda63-c940-4001-580a-e08bd117d955&zcluid=e5cc4c2eac971790&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
ipac.ctnsnet.com/int/ Frame 6371 		43 B
61 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 24 Dec 2022 10:07:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame B8A6
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=nkh8gtcfmc1h
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sat, 24 Dec 2022 10:07:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 24 Dec 2022 10:07:26 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 480A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8874ED5CEE8940DDB1B8506056D965E5&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8874ED5CEE8940DDB1B8506056D965E5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 10:07:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 24 Dec 2022 10:07:28 GMT
expires
Fri, 23 Dec 2022 10:07:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8874ED5CEE8940DDB1B8506056D965E5&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
usersync
x.serverbid.com/ Frame 9DBB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Sat, 24 Dec 2022 10:07:27 GMT
match
c1.adform.net/serving/cookie/ Frame 098F 		35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 24 Dec 2022 10:07:28 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
x.serverbid.com/ Frame 8E57 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Sat, 24 Dec 2022 10:07:27 GMT
SPug
image4.pubmatic.com/AdServer/ Frame FCBA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97cb63a6-cf57-4b00-93fc-283781cb1270
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:27 GMT
match
c1.adform.net/serving/cookie/ Frame 995B 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 24 Dec 2022 10:07:28 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
SPug
image4.pubmatic.com/AdServer/ Frame FB04
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97cb63a6-cf57-4b00-93fc-283781cb1270
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x34 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:27 GMT
usersync
x.serverbid.com/ Frame 262E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=88A45D14-ACF1-42C5-8783-39F4189AF5BF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Sat, 24 Dec 2022 10:07:27 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1A52
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 1A52
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=479
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:28 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687601248&external_user_id=5e432e67-f557-4027-a581-a53d0d77e612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 1A52
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9a2a2c1a-6050-413d-af08-52a04c33186b&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9a2a2c1a-6050-413d-af08-52a04c33186b&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=482
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=9a2a2c1a-6050-413d-af08-52a04c33186b&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sat, 24 Dec 2022 10:07:29 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 1A52
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=38afdc72-8e73-419f-a313-65aea544f78e-tuctaa054e0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=38afdc72-8e73-419f-a313-65aea544f78e-tuctaa054e0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=476
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=38afdc72-8e73-419f-a313-65aea544f78e-tuctaa054e0
date
Sat, 24 Dec 2022 10:07:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41634
crum
dsum-sec.casalemedia.com/ Frame 1A52
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=483
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=97cb63a6-cf57-4b00-93fc-283781cb1270
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
x-status
O1
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 10:07:28 GMT
crum
dsum-sec.casalemedia.com/ Frame 1A52
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1cfd1e29-b679-4f65-ae81-428bf0ff02c6
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1cfd1e29-b679-4f65-ae81-428bf0ff02c6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=483
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=1cfd1e29-b679-4f65-ae81-428bf0ff02c6
date
Sat, 24 Dec 2022 10:07:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 1A52
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Y6bPWOa4eXFjFoTtryyD1wAA%261203&gdpr_consent=&us_privacy=&gdpr=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1f6fe6b22613c7e96f59d2f6bc7ad194&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v1b0b_7180654671408516694&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWY2ZmU2YjIyNjEzYzdlOTZmNTlkMmY2YmM3YWQxOTQ=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELl8Brf4ZlYIBIbRXnmb64c&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671876453480008-342
Expires
Sat, 24 Dec 2022 10:07:33 GMT
rum
dsum.casalemedia.com/ Frame 1A52
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962849
43 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962849
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUFIYGss3%2F5RtjCx3pp11f3ryxVZSawznfhfh70kfd5QlqWckerQUeUSWBf7JXbkAtuVYRCd0pRfkVfXdSYg%2F5bQ2ACHqThXDhEEMrxFNqD09Xkkq0SdTJmHrOg397xfjZSr9y%2FZ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887c1faa6bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962849
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1A52 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5292
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887be39152c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:29 GMT
rum
dsum.casalemedia.com/ Frame D995
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=1be00cb1-674a-4cf6-948e-636f87f6abb1&expires=2&ssp=index&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
43 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bx1Ri7AjFmya6tmeiPfxFbE1H9K2YtZWIF11mewdAN6txTfLYFxzgcIYtwi04S8RDTay9FLiYfoJGXjDFtqauT8Fp82ZWy2CgwUyH8MtUibMjeI%2FTkq40j4%2FAHTFoMR4M0ufIpBV"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887cabe38bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum.casalemedia.com/ Frame D995
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962848
43 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962848
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spmLZ0kaT9o3m09xxpLxhAR9pQXIH8lIGHePamXyb%2BR8RdikC3ZsCLHZW4oJPiD7%2FqErlYBc8lHSgJ252rTTKlMwfEjYqO%2FHx294K9gEgIxlU8JEz6MAtzSfki3VolGBOUqX%2Bxt6"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887be3a97bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671962848
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D995 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame D995
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=485
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220080-HHN
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671876449.999807,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bPWwAF2FDiKwAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame D995
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3d42550d-1848-499d-8847-68f8339721d2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3d42550d-1848-499d-8847-68f8339721d2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3d42550d-1848-499d-8847-68f8339721d2
date
Sat, 24 Dec 2022 10:07:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
ie
match.prod.bidr.io/cookie-sync/ Frame D995 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-69-248.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D995
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=477
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=h2WmCXc31P91r65
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D995
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=480
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
htw-pixel.gif
cdn.indexww.com/ht/ Frame D995 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5292
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887be39172c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:29 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E9D0 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame E9D0 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum.casalemedia.com/ Frame E9D0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=index&bidswitch_param=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=1be00cb1-674a-4cf6-948e-636f87f6abb1&expires=2&ssp=index&bsw_param=755320ee-2727-4208-8ed9-6b19251e856a
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
43 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JoW2IhpOO%2FNW%2BqwPNyXeZoDK2q1i1jKI0ZgEb0ZogRuhyWEqW8eZQII7q3IzctHJOXjNPMGyQ7bVtIA8K7%2Bn4HflhcwhSaWnEP%2BMuoXsU3kvqtsUeKypKiz9TUwECUiDJHT42ii"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887cf3834bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=755320ee-2727-4208-8ed9-6b19251e856a&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Dec 2022 10:07:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E9D0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E9D0 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame E9D0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=482
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
bridge
cm.adgrx.com/ Frame E9D0 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame E9D0
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6bPWOa4eXFjFoTtryyD1wAA%261203
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f7975c1d-85e7-4f49-8c0d-31493e25f7e3-tuctaa054e1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f7975c1d-85e7-4f49-8c0d-31493e25f7e3-tuctaa054e1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f7975c1d-85e7-4f49-8c0d-31493e25f7e3-tuctaa054e1
date
Sat, 24 Dec 2022 10:07:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41634
htw-pixel.gif
cdn.indexww.com/ht/ Frame E9D0 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5292
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887be39192c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:29 GMT
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9d7b8e3d-18ac-083d-530b-71e179fb993e&tv=%7Bc:xHUzmq,pingTime:-6,time:2865,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2866,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1996,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B915~0%5D,as:%5B915~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.930248%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1n1.3f7b216e-2265-fe8c-d694-beffe1a4ac1c.1024_992712-61653181%7C1n1*,rmeas:1,rend:0,renddet:na,siq:1997%7D&tpiLookup=ao:forward.com*%2Cflashnetic.com*&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame A931 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=878338a6-51f7-9396-3e8a-3135cb5fa0a7&tv=%7Bc:xHUznc,pingTime:-6,time:5437,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:5437,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4620,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B855~0%5D,as:%5B855~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1*.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1h1*,rmeas:1,rend:0,renddet:na,siq:4621%7D&tpiLookup=ao:forward.com*%2Cflashnetic.com*&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame 2CD7 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
fdedab69-0c8f-47ab-878c-fdc7b6f8a92c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D964 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
eacd69d3-befc-4438-96d9-ca24b715f367
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 9393 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=861dc8b1-c04a-f2f7-814a-af5215a5f97b&tv=%7Bc:xHUznx,pingTime:-6,time:5454,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:5454,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4672,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B821~0%5D,as:%5B821~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1*.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1k1*,rmeas:1,rend:0,renddet:na,siq:4673%7D&tpiLookup=ao:forward.com*%2Cflashnetic.com*&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame 184C 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
e81a4788-6867-425d-bad0-1bfd37bad663
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 5B21 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:700
Requested by
Host: cdn.advanseads.com
URL: https://cdn.advanseads.com/dnaFiles/js/jquery.min.js?v=1671855657369
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2371736975be245bd56385816b25ee7daa9a3cd826911c4fe5f2202ca74e9ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 10:02:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:28 GMT
imp.png
count.advanseads.com/v6/ Frame 5B21 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://count.advanseads.com/v6/imp.png?bt=f1e86116-365b-42ce-9f55-d07cb1a8622c&bv=&bi=0&df=4012&dr=%5B%22TADE48391106_de%22%5D&r=1671876448291&at=null&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zid=77191&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.109.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-109-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-type
text/html
9038166945075165301
delivery.advanseads.com/1.0/ Frame 5B21 		520 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.advanseads.com/1.0/9038166945075165301
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.100.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-100-168.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
server
awselb/2.0
content-length
520
content-type
text/html
Trip%20Inn%20Dasing-Augsburg%20-%20Display%20Ads.jpg
extranet.availpro.com/Distribution/Resources/Upload/12608_files_upload/ Frame 5B21 		264 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.availpro.com/Distribution/Resources/Upload/12608_files_upload/Trip%20Inn%20Dasing-Augsburg%20-%20Display%20Ads.jpg
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.185.33.185 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
/
Resource Hash
86f5d01db39b71edd04f42a5d795203b0f5917acfa0ee40e24a2a1abe5de1071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Cache-Control
private
Content-Length
270761
Content-Type
image/jpeg
hit.php
tracker.book-secure.com/ Frame 5B21 		0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.book-secure.com/hit.php?redir=null&typeredir=AcquisitionSJNDisplay&hotelnames=Trip%20Inn%20Dasing-Augsburg
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.171.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-171-181.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
P3P
CP="NOI DSP COR NID CUR OUR NOR STA"
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
20
Expires
0
LiberationSans-Regular.ttf.ttf
cdn.advanseads.com/dnaFiles/fonts/red-hat-inc_liberation-sans/ Frame 5B21 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/fonts/red-hat-inc_liberation-sans/LiberationSans-Regular.ttf.ttf
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=1305348382&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D&i=9038166945075165301&&&cb=720627&adv_imp=45900364-ebbc-481a-8893-5ae6b73a23cc&gen_imp=true&adv_int_imp=4a7ebf27-1dd6-4401-a31c-11cdefcfc5d8&zf=%7B%22property_code%22%3A%22TADE48391106_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://delivery.advanseads.com/
Origin
https://delivery.advanseads.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Age
31
X-Cache
Error from cloudfront
Connection
keep-alive
Content-Length
1253
Last-Modified
Thu, 02 Jun 2016 16:49:36 GMT
Server
AmazonS3
ETag
"7201fa7458511f11736f1fe4df97250b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges
bytes
X-Amz-Cf-Id
kpViKk5ys835M05ulGhbBXfwHL6nx1rYF6tqaAULegT2hy7rVn1CmA==
vevent
fra1-ib.adnxs.com/ Frame 0E9D 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLFC_BMxQUAAAMA1gAFAQjXnpudBhD83IPY57vMyhoYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeMbbBIABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhbW9mQ3NRaTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQmdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8xTnpnMzRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGbXkyWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDh1QVlLmgKZASE4eFZXVGc6rQLYSjdOZnlBQUtBQXhQUXJYbzNBOThqODZDVVpTUVRFNk5UYzROMENJTUVsSU14Wk5aeWZ1UDFFQQ10DEFBRmsVCwRBRx0YAEcdGABIHRgQSGdBaVEREPCqRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjU3ODfaBAIIAeAEAfAEhaAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8bbBNIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=c4045ea5de8bd6d8f944f77bf2a24a13a58ac0ba&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=90&ww=1600&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
cdf8c5f8-933a-46b0-ad4d-f92865434cab
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame F2A8 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLFC_BMxQUAAAMA1gAFAQjXnpudBhDb_pSnjaDHsmEYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeOWEBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhZ0ljam53aTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQWdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8yTkRBMzRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGaHpLWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDR1QVlLmgKZASE2UldQUz6tAthKN05meUFBS0FBeFBRclhvM0E5OGo4NkNVWlNRVEU2TmpRd04wQ0lNRWxJTXhaTlp5ZnVQMUVBDXQMQUFGaxULBEFHHRgARx0YAEgdGAxIZ0FpLsEC8PV3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA43MzM3I0ZSQTE6NjQwN9oEAggB4AQB8ASgxcedAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYUB-gUECAAQAJAGAJgGALgGAMEGAAABJSjwP9AGtCXaBhYKEAEPLgEAdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH5YQG0gcNCREqASYM2gcGCAUJaOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=a8321e031565fd390e6c8368f7d8fb77aee291c8&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=90&ww=1600&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
02d84498-0e17-4f13-99dd-411e07a6bf06
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A5E5 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
a88aef28-c4e9-4422-89e1-acff61c3695b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9e0a00f4-a1e9-4383-2735-964ffd17cedf&tv=%7Bc:xHUzpU,pingTime:-6,time:2902,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2902,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B797~0%5D,as:%5B797~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.930248%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1o1.83f3ab22-d8e3-dcc6-a856-f4ed86a77a42.994_992712-61653181%7C1o1*,rmeas:1,rend:0,renddet:na,siq:2142%7D&tpiLookup=ao:forward.com*%2Cflashnetic.com*&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame C031 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
1f299c85-f0b4-4984-b4b7-b89b9f3dba02
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DE3A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:30:52 GMT
expires
Thu, 21 Dec 2023 01:30:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 7BCB 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame E57D 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 18D7 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 0273 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37B9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2419;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 37B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTpLzNyzxOrpoSWxar8LMaQwR7FbX_MlR9-qeJORyIUQH9OfbeLotGyQo4b_gqeyjjiYuK9LbS7LT895JW7AxZ5XSFioH5hIkt6PMZubYwf2lk8nq06YBDbf_9riyS15q5txkaMvxQVR0rTg7TBvbjndAx5IMufw&sai=AMfl-YT9CPLs7GLQxQKeeIAjk8Thu96lCQgVfWhDXjp6cSsCW_ZxJmAelpbLfwI51uFKeBL5hzsXfO7mt0O0Arqs09MUh4HGMtlHpEK0w47W&sig=Cg0ArKJSzOxLHKOK2p73EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.14366&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2419;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 37B9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B24737564.284764903;dc_ver=92.271;sz=1x1;u_sd=1;gdpr=0;dc_adk=1605059296;ord=c0r820;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FXwfOGVHaWz8c5PNfJ8JUPwAAAIA9Cu8_HOTzXyfCVD9gB84ZUdpbP3X44UXzBG59jRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAgNuAPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAJiTwUgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521xRSavgjVn4IXEKDsgH8Yns1_IAAoADF7FK5H4XqEPzoJRlJBMTo1Njc5QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU2Nzk%3D%2Fbn%3D93300%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=2419;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 01:30:52 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame CBFA 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=3f7b216e-2265-fe8c-d694-beffe1a4ac1c&tv=%7Bc:xHUzqE,pingTime:-2,time:5489,type:a,im:%7Bsf:0,pci:%7Btdr:1583%7D,pom:1,prf:%7BbdA:4022,bdZ:4082,beA:6131,beZ:6132,mfA:9808,cmA:9810,inA:9810,inZ:9813,prA:9813,prZ:9858,si:9862,poA:9863,poZ:9877,cmZ:9877,mfZ:9877,loA:10894,loZ:10897,ltA:11620,ltZ:11620,mdA:8494,mdZ:8538%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:3730%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:5489,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:3730,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1809~0%5D,as:%5B1809~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.992712-61653181%7C1n11%7C1n12%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1n1.9d7b8e3d-18ac-083d-530b-71e179fb993e.865_930248%7C1n1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:3732,sinceFw:1757,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=83f3ab22-d8e3-dcc6-a856-f4ed86a77a42&tv=%7Bc:xHUzqJ,pingTime:-2,time:5479,type:a,im:%7Bsf:0,pci:%7Btdr:1654%7D,pom:1,prf:%7BbdA:4062,bdZ:4123,beA:6125,beZ:6127,mfA:9864,cmA:9864,inA:9864,inZ:9865,prA:9865,prZ:9902,si:9904,poA:9905,poZ:9918,cmZ:9918,mfZ:9918,loA:10889,loZ:10890,ltA:11604,ltZ:11604,mdA:8653,mdZ:8705%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:3778%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:5479,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:3778,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1739~0%5D,as:%5B1739~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.992712-61653181%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1o1.9e0a00f4-a1e9-4383-2735-964ffd17cedf.760_930248%7C1o1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:3779,sinceFw:1699,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame A1CE 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
vevent
fra1-ib.adnxs.com/ Frame 482F 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLQCvDXUAUAAAMA1gAFAQjZnpudBhCx3IWL39ju2CsYja-4qpOZ7ppWKjYJnGYrGVRr4D8RA6HT7_JH2T8ZAAAAgD0K7z8h2LCF7V6_5D8piQyreCPz6j8xAAAAQOF6lD8wl4eFDDiYUECwCUgCUIeSx8EBWJ7Nf2AAaLHylwF47tAEgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA5ODExNzAsIDApO3VmKCdpJywgNzQzNDE1MSwgMCk7ASc8ZycsIDE4NDc1NDEyLCAwKQUpMHMnLCAyNzYzOTM4NzYVFjByJywgNDA1OTE1OTExBRbwtpICtQQhbldkMUNnaTBqcndaRUllU3g4RUJHQUFnbnMxX01BQTRBRUFBU0xBSlVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkNJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0I5YVhFeUI5bDZUX0JBU01FSDZFaTgtb195UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWFmZnhRUDFBZmdvU3otWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58IFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEkwYzM5SWhBQkdBSXRBQURnUUtJRERnalJ6ZjBpRUFzWUFpMEFBT0JBdWdNSlJsSkJNVG8xTmpnMTRBT0lNSUFFbGE3c0NJZ0VuSzdzQ0pBRUFKZ0VBY0VFAYYJAQhESkIJCQUBGDJBUUE4UVEFDAUBeElnRnRTeVlCWlRmNVlNQnFRVklNeFpOWnlmdVA3RUYFJAUBCERCQhE3QEJ4QXlRVUFBQUJBMmdXOVA5MigAAFoVKLhQQV80QVg2a1FYd0JaVFQ1d2o0QmJMeE80SUdBMFZWVW9nR0JKQUdBWmdHQUtFRwVnBQEkQ29CZ1N5QmlRSgUPCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKZASFuQkZZMGc6OQIoSjdOZnlBQUtBQXgBLw0BTDZDVVpTUVRFNk5UWTROVUNJTUVsOQUEMUUNJxBBQUFGawEGCQEARx0YAEcdGABIHRgMSGdBaS5NAvD1dy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjEyMDAjRlJBMTo1Njg12gQCCAHgBAHwBIeSx8EBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFygH6BQQIABAAkAYBmAYAuAYAwQYABSUo8D_QBvMD2gYWChAFEB0BdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgH7tAE0gcNCREpASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=f5951af6d177ccbd82900805a7ae908ea7754ea0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=125&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=25248663&sw=1600&sh=1200&pw=1600&ph=90&ww=1600&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
c6381bcc-2f42-493b-b132-f2f4ccd671ee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame 832F 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Content-Encoding
gzip
x-amz-request-id
XDBGR356CTHVPMKY
Connection
Keep-Alive
Content-Length
1585
x-amz-id-2
VJvyRSLvq6paAPiZcXMye27Ve+x8VSY1a1gI7bXazJGDRGDqT3aZDqSla88F+B9KWXXOI2aKXxk=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876448.dop006.fr8.shc,1671876448.dop006.fr8.t,1671876448.cds262.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1093
Accept-Ranges
bytes
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 0679 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame DA7C 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Content-Encoding
gzip
x-amz-request-id
XDBGR356CTHVPMKY
Connection
Keep-Alive
Content-Length
1585
x-amz-id-2
VJvyRSLvq6paAPiZcXMye27Ve+x8VSY1a1gI7bXazJGDRGDqT3aZDqSla88F+B9KWXXOI2aKXxk=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876448.dop107.fr8.shc,1671876448.dop107.fr8.t,1671876448.cds262.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1093
Accept-Ranges
bytes
async_usersync
ib.adnxs.com/ Frame 9A25 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
0adf8757-02aa-468c-b2ae-43d833b18edd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 434A 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLFC_BMxQUAAAMA1gAFAQjXnpudBhCe9bCA9oitvQIYja-4qpOZ7ppWKjYJDr4wmSoYdT8RgM8XlMxecD8ZAAAAgD0K7z8hgM8XlMxecD8pDr4JJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNPZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxMzU3MTkyMBUVMHMnLCAyNTY5Njc0MzUVFjByJywgMzMwNDI0OTkyBRbwtpICqQUhbG9mcXJnaTYzUGdXRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQTU0QUlBQkRvZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYVjk4OF9yamN6X0JBVk02Y1ktNEczVV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58IZEQUFnRElBZ0RRQWc3WUFnRGdBdTc1OWhQb0F1WGdscDBHLUFJQmdBTUJtQU1Cb2dNT0NPYkZ2aWNRQkJnQkxRX2tMemlpQXhjSXg1TGVGUkFIR0FFdDhqSDNPeklIWkdWbVlYVnNkS0lERkFpV3Z1d2tFQWdZQUMyNmF5a19NZ1F5Tnpnem8FWAF4HE1RQ1JnQ0xRAZygQ2lBdzRJMExpVUFSQUtHQUF0QUFDQVA2SUREZ2p1LWZZVEVBc1lBaTABLcBBdWdNSlJsSkJNVG8xTnpnMTRBT0lNSUFFdUtPTENJZ0UycU9MQ0pBRUFaZ0VCTUVFBTUFAQhESkIFCAkBFDJBUUE4UQWBCQF0SWdGbVMyWUJZdUd4SHFwQlVnekZrMW5KLTRfc1FVCSQBAQhNRUYBBwkBCERKQgFDHEtBTTYtZ18wLigABE5rBSjwRlFIY3Q1VF9nQllNRThBWFFycndHLUFXZ3RXZUNCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJqMEsxNk53UGZJX3FBWUVzZ1lrQ1FBCW8MQUFBRQFwDQEARx0MAEkdDDh1QVlLmgKZASE4UlhLVFE6rQLYSjdOZnlBQUtBQXhQUXJYbzNBOThqODZDVVpTUVRFNk5UYzROVUNJTUVsSU14Wk5aeWZ1UDFFQQ10DEFBRmsVCwRBRx0YAEcdGABIHRgQSGdBaVEREPCqRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjU3ODXaBAIIAeAEAfAEhaAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYBIDAAAPA_0Aa0JdoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB9PZBdIHDRVjASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=14508c0572a57b0f413ef4a583e2ced6cac22978&type=nv&nvt=5&jm=1003&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=90&ww=1600&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
dfb08742-7362-43ad-921e-b82716722b8f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 33ED 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
sync
ap.lijit.com/ Frame 2752 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=1051986&width=300&height=250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fcc5ada8cc56a76efada75936c6a614116a2e339ac18c72322a4ccce8057c93d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 17:52:05 GMT
Server
nginx
ETag
W/"6390d2c5-14179"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
X-Sovrn-Pod
ad_ap1ams1
Expires
Sun, 25 Dec 2022 10:07:28 GMT
vevent
fra1-ib.adnxs.com/ Frame 8045 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKsCvBMLAUAAAMA1gAFAQjVnpudBhDF_sm68eTDk0cYja-4qpOZ7ppWKjYJNZ2dDI6Shz8Ra67jT36RgT8ZAAAAgD0K7z8ha67jT36RgT8pNJ0JJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlDk-KKCAViezX9gAGix8pcBeOzQBIABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDUxNjcxOTksIDApO3VmKCdpJywgNTQ0MTYzORUULGcnLCAxMzk5MzU3MhUVMHInLCAyNzMyMDIyNzYFFvCLkgKlBCFMbWhNcUFqVjRKVVhFT1Q0b29JQkdBQWduczFfTUFBNEFFQUFTT29fVUplSGhReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQmR6YTNRV0tRaHpfQkFYYzJ0MEZpa0ljX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWVlUXpBTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pVMk9EWGdBNGd3Z0FTT3RNTUZpQVNRdE1NRmtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCYlVzcVFWSU14Wk5aeWZ1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFEZ2VYUzlQOTIoAARaQhFnwFBBXzRBWF9DUEFGNUl6V0J2Z0YzN0M3QW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMQEM0QmdvLpoCmQEhZVJaVFl3OikCKEo3TmZ5QUFLQUF4GW1QODZDVVpTUVRFNk5UWTROVUNJTUVrDVQMRHdQMT0kAEYRGAxBQUFHERgMRFFQMh0YAEgRGBhBQUFIZ0FpLj0C8PV3Li7YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NTY4NdoEAggB4AQB8ATk-KKCAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaTGKvoFBAgAEACQBgCYBgC4BgDBBgAFJSjwP9AG6CnaBhYKEAUQHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfs0ATSBw0JESkBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=4679c57ce73a61edd9a55c475824daac1be9b76a&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
eefcded5-e8e6-4596-af6d-4c565d4d9f7a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 6F22 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
vevent
fra1-ib.adnxs.com/ Frame 3516 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKsCvBMLAUAAAMA1gAFAQjWnpudBhCjnNmHs-ef_yQYja-4qpOZ7ppWKjYJBdhHp658hj8Rb10a0GXCgD8ZAAAAgD0K7z8hb10a0GXCgD8pBtgJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCsvpeEAViezX9gAGix8pcBeMSIBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDQzNDA4MDIsIDApO3VmKCdpJywgMzgxMTU4MRUULGcnLCAxMTQxNjA4MxUVMHInLCAyNzcyMDg4NzYFFvCLkgKlBCFHR2ptUWdqZ3h2MFNFS3ktbDRRQkdBQWduczFfTUFBNEFFQUFTT29fVUplSGhReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQnRvNDZINlI3aGpfQkFiYU9PaC1rZTRZX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWYzUjZBSDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FtEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pZMk16RGdBNGd3Z0FUa2hjQURpQVNUNXRNRGtBUUJtQVFCdWdRYUNJVUVFUQFoHEFBQU5BX0dRAQkJASBJSUxHaXc3QkIJDwUgBHlRHSEYTmdFQVBFRREfXEFBQ0lCZVl6cVFWSU14Wk5aeWZ1UDdFRhkgGERCQlpxWm0BAkBia195UVVBQUFCQWpCcThQOTIoAARaQhFnwFBBXzRBWEtDUEFGay1TNEJmZ0Z3dmlJQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHbXAFXjBadVQtb0JnU3lCaVFKGYAEQVIdDABaHQwAaBkMPEM0QmdvLpoCmQEhU1JhWVU-KQIoSjdOZnlBQUtBQXgZbVA4NkNVWlNRVEU2TmpZek1FQ0lNRWsNVAxEd1AxPSQARhEYDEFBQUcRGAxEUVAyHRgASBEYGEFBQUhnQWkuPQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo2NjMw2gQCCAHgBAHwBKy-l4QBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGAAUlKPA_0AboKdoGFgoQBRAdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8SIBtIHDQkRKQEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=1ecec8ff2f9040b876dbc1edd9f4064982229c96&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
23269135-1b86-491f-bd64-a7a3a4fc78ed
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 3332 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 1EF1 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
manifest.js
cdn.flashtalking.com/129256/3290827/ Frame D9EF 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:28 GMT
Content-Encoding
gzip
x-amz-request-id
XDBGR356CTHVPMKY
Connection
Keep-Alive
Content-Length
1585
x-amz-id-2
VJvyRSLvq6paAPiZcXMye27Ve+x8VSY1a1gI7bXazJGDRGDqT3aZDqSla88F+B9KWXXOI2aKXxk=
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
X-HW
1671876448.dop006.fr8.shc,1671876448.dop006.fr8.t,1671876448.cds262.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1093
Accept-Ranges
bytes
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 697C 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
main.19.8.377.js
static.adsafeprotected.com/ Frame 3444 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1218281/67368266/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987050
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
JUkhEamusyMxjFXhI-iC5I4jBDhNRi3KGNgEAn_EPceaEjUendDYpg==
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame 3444 		2 KB
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7180654632757234698&btr=true&pos=top-right&cid=13779&aid=13779
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vwggzaudv&e=1535582086632
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
25bca8830b6afbe570769a44a4ec4da64218728c9b40fe02b6c26b71e5b9a6da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
br
content-length
610
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame B5E4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vwggzaudv&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53037
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:28 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271259
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220073-HHN
X-Timer
S1671876449.665073,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 3444 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLmDPSsAmYGAAADANYABQEI1Z6bnQYQ4ennwIOmus47GI2vuKqTme6aVio2CSh6igZ9OeA_EVWIjIk1-9g_GQAAAIA9Cu8_IUcc9cJrf-Q_KcfXnlkSoOo_MQAAAEDhepQ_MJeHhQw4mFBAsAlIAlDAh_zBAViezX9gAGix8pcBeOjQBIABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAmh1ZignYScsIDk4MTE3MCwgMCk7dWYoJ2knLCA3ODgyNzMwLCAwKTt1ZignZycsIDE5ODg1NjI1LCAwKTt1ZigncycsIDI4MDg5MDY1OSwgMCk7dWYoJ3InLCA0MDY3ODI5MTIsIDApO5ICtQQha21qUzNRakpvNVlhRU1DSF9NRUJHQUFnbnMxX01BQTRBRUFBU0xBSlVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JKeHhCdnRjVzZUX0JBYlZjLUxJUG9Pb195UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWVxUDRRUDFBYmkyU0QtWUFnQ2dBZ0cxQWdBQUFBQzlBZ0FBQUFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NEludDJ4SnhBQkdBSXRBQURBUUtJRERnaWUzYkVuRUFzWUFpMEFBTUJBdWdNSlJsSkJNVG8xTnpjMzRBT0lNSUFFMWVUd0NZZ0UzdVR3Q1pBRUFKZ0VBY0VFQUFBQUFBQUFBQURKQkFBQUFBQUFBQUFBMkFRQThRUUFBQUFBQUFBQUFJZ0ZrUzJZQmFPYS1JVUJxUVZJTXhaTlp5ZnVQN0VGQUFBQUFBQUFBQURCQlEFUVBBQUJoQXlRVUFBQUNnNUxuQVA5RUYNGhhBQUFEWkJRAQjIQUFBUEFfNEFXRWlnWHdCYm5jdlFuNEJiTHhPNElHQTBWVlVvZ0dCSkFHQVpnR0FLRUdBATQFASRDb0JnU3lCaVFKBQ8JAQBSCQcFAQBaBQYJAQBoCQcBAVhDNEJnby6aApkBIUJoSkRfQWpKbzVZYVU5KEo3TmZ5QUFLQUF4AS8NAWQ2Q1VaU1FURTZOVGMzTjBDSU1FbElNeFpOWiEFBDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YEEhnQWlRERDwWER3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhAKBkFEVl9JRBIGOTgxMTcw8gISCgZDUEdfSUQSCDE5ODg1NjI18gISCgVDUF9JRBIJdU088gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDkQQCgVJT19JRBIHNzg4MjczMPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0ACRXZ8OWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjEyMDAjRlJBMTo1Nzc32gQCCAHgBAHwBMCH_MEBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFygH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG8wPaBhYKEAAAAAU1EQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfo0ATSBw0JLiYACNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=96feb8b8bd73b748987b74bc48b97d356c359d89&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvwggzaudv%26e%3D1535582086632,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvwggzaudv%26e%3D1535582086632&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vwggzaudv&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
a2d9d487-2a78-485e-9e59-2c5cda2c42b7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame ED3C 		753 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/02/b8/23/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654246685453%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955427%2526c%253D12559%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/02/b8/23/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654246685453%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955427%2526c%253D12559%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame ED3C 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/02/b8/23/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fyq8V4zQk4D%2D77vLtcNrYPwAAAIAUruc%5FRxz1wmt%5F5D%5FH155ZEqDqPyAipzZN7NVxjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoAuSfJEwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521%2DhFt%2DAjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTMxOUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUzMTk%3D%2Fbn%3D93185%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637069372426%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D37455%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654246685453%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955427%2526c%253D12559%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 10:07:28 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame ED48 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:28 GMT
async_usersync
ib.adnxs.com/ Frame B3C7 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
be037f75-f008-4d34-a855-b0da068a8a38
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame BE2C 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKmCvBMJgUAAAMA1gAFAQjWnpudBhCHmeLFmK2-9CIYja-4qpOZ7ppWKjYJ0ytlGeJYhz8R2iRB44JmgT8ZAAAAgD0K7z8h2iRB44JmgT8p0ysJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlDe--ByWJ7Nf2AAaLHylwF4mogGgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNDgyMDI3NCwgMCk7dWYoJ2knLCA0ODI1ODE0LBEUMGcnLCAxMjczODk2NywRFTByJywgMjQwNjY0MDMwBRb0FwGSAqUEIVlXa0hnQWkza3RVVkVONzc0SElZQUNDZXpYOHdBRGdBUUFCSTZqOVFsNGVGREZnQVlMMEdhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUdvVV8yX29WcUhQOEVCcUZQOXY2RmFoel9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQjFzV21BdlVCemN6TVBaZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBWUFEQVpnREFib0RDVVpTUVRFNk5qWXhOLUFEaURDQUJQRDh4UVNJQkxTUnpBU1FCQUdZQkFHNkJCb0loUVFSQUFBAZoQQTBEOFoFCQkBHGdnc2FMRHNFEa0UQTBEX0pCCRwFARQyQVFBOFER2WBBQUFJZ0YyVE9wQlVnekZrMW5KLTRfc1FVARoJARhNRUZtcG1aAQIQdVRfSkIBOxxFQkpNYjBfMC4oAAhOa0YJMchBQThEX2dCZlFJOEFXWHc0a0ctQVd5bXFZQ2dnWURWVk5FaUFZQWtBWUJtQVlBb1FhYW0FXjRtNVA2Z0dCTElHSkFrQRUBAEIVywxBQUJrFRcEQUMdGERMZ0dDZy4umgKVASFjUmJMV1E2KQIobnMxX0lBQW9BREcZbUx6b0pSbEpCTVRvMk5qRTNRSWd3UwHdAQEMUEFfVREMDEFBQVcdDABZEQwMTkFfYREMDEFBQWMdDBBlQUNKQREQ8NBQQV_YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NjYxN9oEAggB4AQB8ATe--ByiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAkOcNgFAeAFAfAFjbwp-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBugp2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHmogG0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=c90d3943a8282bb2e8bed8ece5f53e576d02b9ff&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
1e8353f0-c01c-4eb2-a017-0ca9488f062d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F451 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:30:52 GMT
expires
Thu, 21 Dec 2023 01:30:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame 3DCE 		753 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/02/b8/22/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654252321549%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955426%2526c%253D27139%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/01/02/b8/22/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654252321549%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955426%2526c%253D27139%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3DCE 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/02/b8/22/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654252321549%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955426%2526c%253D27139%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 10:07:28 GMT
async_usersync
ib.adnxs.com/ Frame 1079 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11153&pub_id=2164665&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11153&pub_id=2164665
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
7a0e4696-eafb-45b0-94c4-9fc55e5fc1a2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9BC9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
275cc750316e9a72ba867ccc4f8e235680f4d8045981ff6c92327eb3ce1ae836

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887bc1e679a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkC%2BMbFzdopfg8fKqfm1qTOLgZpv4XCtn%2F6IkK67973oHQqGLL33SaSPdNhGvjENlHT92%2FFvUXTo5FgelaLnmBaPo5yxiyuMPOExgvEGihu1eLbGyWBYPkCoc4BJZdBUaT%2BFSW6oSJJjzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
agile_carousel.css
cdn.advanseads.com/dnaFiles/js/agile_carousel_1.1/ Frame 4067 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/agile_carousel_1.1/agile_carousel.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9af85c75793307e7639f72812b5f35ff45721624d043a7be27441e02c1103cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
18
ETag
"f45d318793854d11e9b4fdf6ec1b317e"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1958
X-Amz-Cf-Id
gmNJdFIGIlMiMcqd8VUlFVWT_UUDL1tSsw4mBonpEfwdVeJls4KI9A==
jquery-ui.css
cdn.advanseads.com/dnaFiles/js/ Frame 4067 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery-ui.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d50ae1c9b63b678c6cdaa47ec3338db2527874e314cf919606cbd542e25b2763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
37
ETag
"cee9425a1cfa0868879e6d629871ff53"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3696
X-Amz-Cf-Id
fPjSyDqHZegd0jBzfoa9TTkuzyMKPMYyQPe1VmW9MxJOYzKeGoTreg==
jquery.min.js
cdn.advanseads.com/dnaFiles/js/ Frame 4067 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery.min.js?v=1671855657369
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
31
ETag
"2f3f6542df672b22ca8a0c37ec3a6f1c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33409
X-Amz-Cf-Id
QydP3IoEDiUT7xVHc0iqXc-8EdmDjUXhby1s8Plu2xsNWvbzmnrPcQ==
jquery-ui.min.js
cdn.advanseads.com/dnaFiles/js/ Frame 4067 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery-ui.min.js?v=1671855657369
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5160f8e7cf65486d4ef7ac14e03e5f5ae69449527b99fe4ea4634bd829e9ef8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
37
ETag
"c2c82f26c33b13dbb33539dcffb2f945"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7065
X-Amz-Cf-Id
fX2Wkg6n77e51voEPOSAVpodBYWFcGA3aY-MJFLlPjMxrOwk2lLmSg==
html_render_v4.min.js
cdn.advanseads.com/dnaFiles/js/ Frame 4067 		267 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/html_render_v4.min.js?v=1671855657369
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8e71ebd3510e78168bb99c6b46bcffb9331407ac87edcf189a9e4598cd7f20b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:06:43 GMT
Content-Encoding
gzip
Via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
47
ETag
"70ffc5ee6aa464493e8cdda9fa414f5b"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41602
X-Amz-Cf-Id
ZNnv4VDObsg3cb_nPjnMCz7Bz_MdFne8iYY7yyspFHFQxuHtRG_U0Q==
slick.css
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame 4067 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
32
ETag
"5fa4f41f00b5dfb699e109dee4eae97c"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
562
X-Amz-Cf-Id
6TDgclH80UbQpfNzt5y3eNFxIHeGtTNg_TkY65mH95V97yC-JxiGoA==
slick-theme.css
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame 4067 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick-theme.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b912f9dcae358b9ef7e2d6b1f368eeabe05d17af890ff48ce0820e9facbc9fe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:06:43 GMT
Content-Encoding
gzip
Via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
46
ETag
"f17640c32826b04bf24d9894fb643a06"
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
858
X-Amz-Cf-Id
CheacEdVqyKelyaunGlMpYQ2ZpIj1ZScVkZmT20DVcyJYKRL6dn-Ew==
slick.js
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame 4067 		64 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick.js
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77191&dt=2&cb=111838169&c=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FcaJdhZSfhD9gBeL3or1-PwAAAIA9Cu8_YAXi96K9fj9zol2FlJ-EP-2S1V4e4XtnjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAADq0tUPnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAbSgXzAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TBbZTAjFsdAVEOql134Yns1_IAAoADGamZmZmZm5PzoJRlJBMTo1MzA2QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjUzMDY%3D%2Fbn%3D92996%2Fclickenc%3D&i=7456801128598311661&&&cb=874443&adv_imp=702b4515-bd2a-4547-9cf4-d640f6d90e65&gen_imp=true&adv_int_imp=c3d13bd5-f416-46ec-b10d-9d947d640692&zf=%7B%22property_code%22%3A%22czkar23228_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8e91147663e766b9d516e4b7fd39f21685b1866829dd58595a997463a3d1b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:24 GMT
Content-Encoding
gzip
Via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Nov 2022 21:46:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
23
ETag
"f84730051b59e2bbe89c299bbbf8e967"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10898
X-Amz-Cf-Id
mwnBQRi30ag2qBgJN9-mnIFhDV47xT5w2ncEDTiIWdqcjfSIgS5sIQ==
async_usersync
ib.adnxs.com/ Frame 103E 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
563d71e8-1e5c-4531-8311-284b88ae7ed9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 90BF 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=49e132d2-5ad6-58a6-64ce-f1e52a531ee1&tv=%7Bc:xHUzuy,pingTime:-2,time:5992,type:a,im:%7Bsf:0,pci:%7Btdr:1049%7D,pom:1,prf:%7BbdA:3993,bdZ:4051,beA:5920,beZ:5927,mfA:10355,cmA:10355,inA:10355,inZ:10356,prA:10356,prZ:10410,si:10413,poA:10413,poZ:10422,cmZ:10422,mfZ:10422,loA:11282,loZ:11284,ltA:11912,ltZ:11912,mdA:5927,mdZ:6157%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4492%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:5992,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4491,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1557~0%5D,as:%5B1557~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11q21%7C11q22%7C11q23%7C11q24%7C11q25%7C11q26%7C11q27%7C11q28%7C11q29%7C11q2a%7C11q2b%7C11q2c%7C11q2d%7C11q2e%7C11q2f%7C11q2g%7C11q2h%7C11q2i%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4%7C11t1%7C11t2%7C11t3%7C11t4%7C11u1%7C11u2%7C11u3%7C11u4,idMap:1j1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4493,sinceFw:1498,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:28 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame 812D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
b1e14e5d-b986-47b4-aa42-ccc64d1b4163
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5F16 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
9253ba49-8439-4d50-bae0-c8057cd1f387
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 374D 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
8013e094-daaa-430c-bfec-62aa7ec5a561
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1298 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:28 GMT
AN-X-Request-Uuid
13f04052-917b-4f11-910f-695c8d2c4aad
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9d7b8e3d-18ac-083d-530b-71e179fb993e&tv=%7Bc:xHUzwl,pingTime:-2,time:3480,type:a,im:%7Bsf:0,pci:%7Btdr:952%7D,pom:1,prf:%7BbeA:8493,beZ:8494,mfA:10443,cmA:10443,inA:10443,inZ:10444,prA:10444,prZ:10488,si:10490,poA:10490,poZ:10498,cmZ:10498,mfZ:10498,loA:11358,loZ:11360,ltA:11973,ltZ:11973,mdA:8494,mdZ:8538,idA:10498,idZ:10557%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1996%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3480,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1996,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1529~0%5D,as:%5B1529~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.930248%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1n1.3f7b216e-2265-fe8c-d694-beffe1a4ac1c.1024_992712-61653181%7C1n1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1997,sinceFw:1483,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame EDBF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 06:51:06 GMT
async_usersync
ib.adnxs.com/ Frame 3349 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
25b849f4-b16f-429b-b346-7264fb09c1cc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
B23805721.267984260;dc_ver=92.271;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;aucid=3877668616759209353;crid=273242068;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_C...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 84EA 		65 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B23805721.267984260;dc_ver=92.271;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;aucid=3877668616759209353;crid=273242068;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=2995118103;ord=j3q82p;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FZkdTX-l-iz8jtYzKB36EPwAAAIAUruc_Dz4nFbp_hD_iQEgWMIGLP4ntnOoPP9A1jRdONcm4NVZaz6ZjAAAAAHlDgQEYKAAA6h8AAAIAAADUV0kQnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoATyPGAgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25216BUDKQj4gZYXENSvpYIBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NjU0OUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjY1NDk%3D%2Fbn%3D99148%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1463;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
aff45352f0df2aef68cff9c35d82db41f3f209eef15ee03c4b7fd1e728c39a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28143
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3E31 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
73e9b098-cf54-462f-9886-285ba40cecfc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9d7b8e3d-18ac-083d-530b-71e179fb993e&tv=%7Bc:xHUzwQ,pingTime:0,time:3511,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1996%7D,%7Bpiv:100,vs:i,r:,t:3511%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3511,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1996,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1560~0%5D,as:%5B1560~728.90%5D%7D%7D,%7Bsl:i,t:3511,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.930248%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1n1.3f7b216e-2265-fe8c-d694-beffe1a4ac1c.1024_992712-61653181%7C1n1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1997,sis:3500%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
mv27933064.json
cdn.flashtalking.com/129256/ Frame 64B6 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/mv27933064.json?cb=50952902
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bba703285e14e4e122959963ee8f3ecb5105a12295e12330e642a1daba162dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
x-amz-request-id
QMW79NXGEW91A8X7
Connection
Keep-Alive
Content-Length
1040
x-amz-id-2
9XZIgbyS11D+Gqwu7xGA7/n5I85hUUZJSZDIaC8Wpi3q/iZz/CDSQOOhB696bbAWiiCD0jFE1Gg=
Last-Modified
Wed, 13 Jul 2022 14:04:44 GMT
ETag
"1657721084"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876449.dop241.fr8.t,1671876449.cds224.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
mv27933064.json
cdn.flashtalking.com/129256/ Frame EC34 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/mv27933064.json?cb=479680297
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bba703285e14e4e122959963ee8f3ecb5105a12295e12330e642a1daba162dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
x-amz-request-id
QMW79NXGEW91A8X7
Connection
Keep-Alive
Content-Length
1040
x-amz-id-2
9XZIgbyS11D+Gqwu7xGA7/n5I85hUUZJSZDIaC8Wpi3q/iZz/CDSQOOhB696bbAWiiCD0jFE1Gg=
Last-Modified
Wed, 13 Jul 2022 14:04:44 GMT
ETag
"1657721084"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876449.dop222.fr8.t,1671876449.cds224.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
mv27933064.json
cdn.flashtalking.com/129256/ Frame C39E 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/mv27933064.json?cb=959830962
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bba703285e14e4e122959963ee8f3ecb5105a12295e12330e642a1daba162dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
x-amz-request-id
QMW79NXGEW91A8X7
Connection
Keep-Alive
Content-Length
1040
x-amz-id-2
9XZIgbyS11D+Gqwu7xGA7/n5I85hUUZJSZDIaC8Wpi3q/iZz/CDSQOOhB696bbAWiiCD0jFE1Gg=
Last-Modified
Wed, 13 Jul 2022 14:04:44 GMT
ETag
"1657721084"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876449.dop231.fr8.t,1671876449.cds224.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
dt
dt.adsafeprotected.com/ Frame A931 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=878338a6-51f7-9396-3e8a-3135cb5fa0a7&tv=%7Bc:xHUzwV,pingTime:-2,time:6040,type:a,im:%7Bsf:0,pci:%7Btdr:823%7D,pom:1,prf:%7BbdA:4032,bdZ:4091,beA:6046,beZ:6047,mfA:10628,cmA:10628,inA:10628,inZ:10629,prA:10629,prZ:10665,si:10667,poA:10668,poZ:10675,cmZ:10675,mfZ:10675,loA:11483,loZ:11485,ltA:12086,ltZ:12086,mdA:6048,mdZ:6219%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4620%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:6040,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4620,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1458~0%5D,as:%5B1458~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1*.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1h1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4621,sinceFw:1419,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
B23477308.261110427;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;aucid=5584174140448221518;crid=240707633;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_C...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 3D32 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B23477308.261110427;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;aucid=5584174140448221518;crid=240707633;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=1609180503;ord=7jpn9p;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FJqCJsOHphT_RLasY_VSAPwAAAIAUruc_0S2rGP1UgD8noImw4emFP06pVmXL-H5NjRdONcm4NVZaz6ZjAAAAAHlDgQEYKAAA6h8AAAIAAAAx6FgOnuYfAAAAAABVU0QARVVSACwB-gAx-QAAAAABAQUCAAAAAMoAcifEswAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25218RVvJgiJlNUVELHQ43IYns1_IAAoADGamZmZmZm5PzoJRlJBMTo1NDQ4QIgwSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNGUkExOjU0NDg%3D%2Fbn%3D93255%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1421;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e8ed327ab6c327cae47c38bdb2efb5414ff1f3405ea1da3bca3cfcef891640a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27953
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3EFE 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
afbbb136-ebde-4627-a5a0-82e2f770a7c5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 9393 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=861dc8b1-c04a-f2f7-814a-af5215a5f97b&tv=%7Bc:xHUzxb,pingTime:-2,time:6052,type:a,im:%7Bsf:0,pci:%7Btdr:859%7D,pom:1,prf:%7BbdA:4004,bdZ:4064,beA:6013,beZ:6014,mfA:10646,cmA:10646,inA:10646,inZ:10647,prA:10647,prZ:10684,si:10686,poA:10687,poZ:10694,cmZ:10694,mfZ:10694,loA:11467,loZ:11469,ltA:12065,ltZ:12065,mdA:6015,mdZ:6202%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4672%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:6052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4672,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1419~0%5D,as:%5B1419~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1*.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1k1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4673,sinceFw:1379,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
mv27933064.json
cdn.flashtalking.com/129256/ Frame ED46 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/mv27933064.json?cb=133935050
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bba703285e14e4e122959963ee8f3ecb5105a12295e12330e642a1daba162dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
x-amz-request-id
QMW79NXGEW91A8X7
Connection
Keep-Alive
Content-Length
1040
x-amz-id-2
9XZIgbyS11D+Gqwu7xGA7/n5I85hUUZJSZDIaC8Wpi3q/iZz/CDSQOOhB696bbAWiiCD0jFE1Gg=
Last-Modified
Wed, 13 Jul 2022 14:04:44 GMT
ETag
"1657721084"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876449.dop204.fr8.t,1671876449.cds224.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
mv27933064.json
cdn.flashtalking.com/129256/ Frame 1A6B 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/mv27933064.json?cb=792007288
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bba703285e14e4e122959963ee8f3ecb5105a12295e12330e642a1daba162dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
x-amz-request-id
QMW79NXGEW91A8X7
Connection
Keep-Alive
Content-Length
1040
x-amz-id-2
9XZIgbyS11D+Gqwu7xGA7/n5I85hUUZJSZDIaC8Wpi3q/iZz/CDSQOOhB696bbAWiiCD0jFE1Gg=
Last-Modified
Wed, 13 Jul 2022 14:04:44 GMT
ETag
"1657721084"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876449.dop012.fr8.t,1671876449.cds224.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
/
ad-events.flashtalking.com/state/6162252;3290827;28432533;271;C20E16DC-E496-BF59-820C-F0D2A52C6302/ Frame 0E9D 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;28432533;271;C20E16DC-E496-BF59-820C-F0D2A52C6302/?cachebuster=470446884
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 0E9D 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;28432533-304-0-547141C502C1FA-608949195
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:29 GMT
/
ad-events.flashtalking.com/state/6162252;3290827;28432533;271;F3659A8A-1EDC-F4C9-0528-9B06AC1D9888/ Frame F2A8 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;28432533;271;F3659A8A-1EDC-F4C9-0528-9B06AC1D9888/?cachebuster=344016887
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame F2A8 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;28432533-304-0-547141C502C1FA-262091156
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:29 GMT
mv27933064.json
cdn.flashtalking.com/129256/ Frame E2E0 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/mv27933064.json?cb=160180196
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bba703285e14e4e122959963ee8f3ecb5105a12295e12330e642a1daba162dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
x-amz-request-id
QMW79NXGEW91A8X7
Connection
Keep-Alive
Content-Length
1040
x-amz-id-2
9XZIgbyS11D+Gqwu7xGA7/n5I85hUUZJSZDIaC8Wpi3q/iZz/CDSQOOhB696bbAWiiCD0jFE1Gg=
Last-Modified
Wed, 13 Jul 2022 14:04:44 GMT
ETag
"1657721084"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
X-HW
1671876449.dop162.fr8.shc,1671876449.dop162.fr8.t,1671876449.cds224.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
dt
dt.adsafeprotected.com/ Frame 9936 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=5ec149a1-d9d7-c260-9367-c9e16a931eca&tv=%7Bc:xHUzxx,pingTime:-2,time:6051,type:a,im:%7Bpci:%7Btdr:704%7D,sf:0,pom:1,prf:%7BbdA:4002,bdZ:4065,beA:6028,beZ:6029,mfA:10699,cmA:10699,inA:10699,inZ:10700,prA:10700,prZ:10739,si:10741,poA:10741,poZ:10750,cmZ:10750,mfZ:10750,loA:11561,loZ:11562,ltA:12079,ltZ:12079,mdA:6029,mdZ:6208%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4712%7D,%7Bpiv:-1,vs:n,r:,t:5531%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:5531,n:521,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4712,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B859~0%5D,as:%5B859~728.90%5D%7D%7D,%7Bsl:n,t:5531,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B521~1%5D,as:%5B521~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1*.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1l1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4713,sinceFw:1337,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 96B2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=8536ba99-d871-e3dd-3aa1-3d35833fd27b&tv=%7Bc:xHUzxE,pingTime:-2,time:6047,type:a,im:%7Bpci:%7Btdr:680%7D,sf:0,pom:1,prf:%7BbdA:4020,bdZ:4088,beA:6033,beZ:6034,mfA:10745,cmA:10745,inA:10745,inZ:10746,prA:10746,prZ:10784,si:10786,poA:10787,poZ:10795,cmZ:10795,mfZ:10795,loA:11583,loZ:11583,ltA:12079,ltZ:12079,mdA:6034,mdZ:6213%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4753%7D,%7Bpiv:-1,vs:n,r:,t:5547%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:5547,n:500,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4753,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B834~0%5D,as:%5B834~728.90%5D%7D%7D,%7Bsl:n,t:5547,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B500~1%5D,as:%5B500~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1*.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1m1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4754,sinceFw:1292,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9e0a00f4-a1e9-4383-2735-964ffd17cedf&tv=%7Bc:xHUzxK,pingTime:-2,time:3388,type:a,im:%7Bsf:0,pci:%7Btdr:765%7D,pom:1,prf:%7BbeA:8651,beZ:8652,mfA:10756,cmA:10756,inA:10756,inZ:10757,prA:10757,prZ:10792,si:10793,poA:10793,poZ:10802,cmZ:10802,mfZ:10802,loA:11553,loZ:11555,ltA:12039,ltZ:12039,mdA:8653,mdZ:8705,idA:10802,idZ:10872%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:2141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3388,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1283~0%5D,as:%5B1283~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.930248%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1o1.83f3ab22-d8e3-dcc6-a856-f4ed86a77a42.994_992712-61653181%7C1o1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:2142,sinceFw:1245,readyFired:true%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ca
choices.trustarc.com/ Frame D573 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=1264160094&js=pmw1&base=te-clr1-2adca0ac-48ca-4cde-ade6-4e2ce951d3b6
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=1264160094&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e4e01da7b2e352aa4476d17876dda633dda20683689c0dffb922728839826121
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2331
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
uYY53U1_YSraRwUa-YzUq-eeCa7RwqVa834prkFt-ylfvOwYFWViZQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame D573 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=1264160094&js=pmw2
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=1264160094&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
a1QMu1YdBozzXD6g5h5i47vebr8UdvffQhio5rhAcu7hnK_by-WtEw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame D573 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=b979
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=etmctaf&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
HclOMdf8fPKSokPa6TL2qvoT_yOMwDLkbr4lLYejeWTsVtldT5S5Lw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
mv27933064.json
cdn.flashtalking.com/129256/ Frame 9A07 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/mv27933064.json?cb=753291039
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bba703285e14e4e122959963ee8f3ecb5105a12295e12330e642a1daba162dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
x-amz-request-id
QMW79NXGEW91A8X7
Connection
Keep-Alive
Content-Length
1040
x-amz-id-2
9XZIgbyS11D+Gqwu7xGA7/n5I85hUUZJSZDIaC8Wpi3q/iZz/CDSQOOhB696bbAWiiCD0jFE1Gg=
Last-Modified
Wed, 13 Jul 2022 14:04:44 GMT
ETag
"1657721084"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876449.dop241.fr8.t,1671876449.cds224.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
ca
choices.truste.com/ Frame 3CF9 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=25884809&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
f0ef56b6e451abaf3b8b9094e66469c37307efb0aec6b5735cf77e26eee061ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8030
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
2gY9JY4OH_I9Y0GRMCyJ3tISoKA2cEg0YjtPfJLP-ErwGCJTA6K6oQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3CF9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:29 GMT
index.html
s0.2mdn.net/sadbundle/17869387440646609525/ Frame 1F66 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17869387440646609525/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0c081421b79ae578db393116f97dca870ed09f46ad63349cf45ace85a1dc6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4273
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Sun, 24 Dec 2023 10:07:29 GMT
last-modified
Sun, 13 Jun 2021 08:51:52 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3CF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUrg8TgIiBnhYrPcTzdC7Jrkd0HmighguKKAugZqJZtuENUZrPpyOaJ-K7IdaRAhSIrTH9O1hLYcbC02KDYkQn9qhLBNUAobEvFi6GeNY4gbNFcKA4bneakWxJjr2TEvqshTpQo6lZbUmoKKftZNA2oXw&sai=AMfl-YT7oLYTDB1Nry8gsBX2AHZO8WTir0aqHuEaaSSyy1VcirjSM1fA836T_51Jp1xUgk-RM0dlsC1KoQgqJh2FJzL34sqvrMhb1ILIBQIa&sig=Cg0ArKJSzB9KuvrbZlT0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2327&cbvp=1&cstd=2325&cisv=r20221207.73457&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:29 GMT
dcm
beacon.sojern.com/imp/ Frame 3CF9 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=4785499947907653564&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=292929924&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pjbsvsf&e=1544311770728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7E9A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53037
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 264418
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220059-HHN
X-Timer
S1671876449.079788,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame DD41 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
419
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887be493c2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Sat, 24 Dec 2022 14:07:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0F1F 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E3AD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157691
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 9366 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
80394bde-b62a-4af3-ab9d-e3904135f986
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9e0a00f4-a1e9-4383-2735-964ffd17cedf&tv=%7Bc:xHUzz4,pingTime:0,time:3470,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:2141%7D,%7Bpiv:100,vs:i,r:,t:3470%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:3470,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1365~0%5D,as:%5B1365~728.90%5D%7D%7D,%7Bsl:i,t:3470,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.930248%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1o1.83f3ab22-d8e3-dcc6-a856-f4ed86a77a42.994_992712-61653181%7C1o1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:2142,sis:3444%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vevent
fra1-ib.adnxs.com/ Frame CE34 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoC_BMqAUAAAMA1gAFAQjWnpudBhCplq23j4OHvCcYja-4qpOZ7ppWKjYJDJOpglFJfT8RflWRfrkedj8ZAAAAgBSu5z8hflWRfrkedj8pDJMJJPCaMQAAAEDheoQ_MPmGhQw4mFBA4RhIAlCb0ra5AViezX9gAGix8pcBeMmGBoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA0NTA2MTg4LCAwKTt1ZignaScsIDc2NTY5MjYsIDApO3VmKCdnJywgMTkxMDI1MDcsIDAJKTxzJywgMjc4NTgwOTIyLCAwCRYwcicsIDM4ODg2ODM3OQUW9IEBkgKJBSFRbjktTEFqWDl1TVpFSnZTdHJrQkdBQWduczFfTUFFNEFFQUFTT0VZVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQk5FNWNPNVdXZXpfQkFmUkQ0TFgzUm4wX3lRRUFBQURBek16c1A5a0JTRE1XVFdjbjdqX2dBZDZyMHdQMUFRQUFRRUNZQWdDZ0FnQzFBZ0FBQUFDOUFnQUFBQURBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWdfeS1KeEFFR0FFdHdYS3dPYUlERXdpdDBfTW1FQW9ZQVMxbVptWV9NZ04xYm5HaUF3NEltcm1ZSlJBTEdBSXRBQUFBQUxvRENVWlNRVEU2TmpVME5lQURpRENBQkpIa3FnbUlCTENKcXdtUUJBR1lCQVN5QkFrSXZ1b1JFSl9jcEEyNkJCa0k3UWdSdUI2RjYxRzRuajhaQUFBQUEBy1hBQWd2dW9Sd1FTNEhvWHJVYmllUDhrRQkbAQEYRFlCQUR4QgELDQF4aUFXUk01Z0Z1cDNyaEFHcEJVZ3pGazFuSi00X3NRVQ0mFEFBQU1FRgEHCQE4REpCUUFBQUtBTGF1a18wLigABE5rFSi4OERfZ0Jjc0Y4QVdyOW8wSi1BWE1oSk1DZ2dZRFJWVlNpQVlBa0FZQm1BWUFvUVkJWzRBQUlRS2dHQkxJR0pBaxEUCEFBQh3HBEJrGRgAQx0YRExnR0NnLi6aApkBIS1SYWUyUTqNAhBKN05meQG4BEF4EUIsQ0VBNkNVWlNRVEU2JZFAVUNJTUVsSU14Wk5aeWZ1UDEdYQBGHXkMR0c0SDFlADIdGABIHTAMSGdBaUWhAQHw10R3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMTY5I0ZSQTE6NjU0NdoEAggB4AQB8ASb0ra5AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAFq-9J-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG_wvaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfJhgbSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=dddf42c511fd6792a7099667b02fb97035e818b3&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=1425382271713132305&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
ef6d513c-c374-4a0f-b6c0-8715e52b3d7f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame CF3F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
419
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887be49592bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Sat, 24 Dec 2022 14:07:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FCFE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53036
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 267164
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220027-HHN
X-Timer
S1671876449.101047,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame B404 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A1D4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157691
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ad-events.flashtalking.com/state/6162252;3290827;28432533;271;1AE75C53-4DD8-0DB8-F944-FB4D51A06190/ Frame 434A 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/6162252;3290827;28432533;271;1AE75C53-4DD8-0DB8-F944-FB4D51A06190/?cachebuster=399129067
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.169.195.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-195-169.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 434A 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;28432533-304-0-547141C502C1FA-19721844
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:29 GMT
banner
ad4.adfarm1.adition.com/ Frame E4A3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4787253&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dlnjwvpico%26e%3D1828802515028&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dlnjwvpico%26e%3D1828802515028&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&wi=1270468411&ac=1&kw=%5Bmtp%5D%28cid%29406782912%5BAAID%5D%5BIDFA%5D%5Bu%5Dhttps%3A%2F%2Fforward.com%2F%5Bp%5D1654713%5Bmtp%5D%28segc%29&gdpr=0&screen_res=6&prf[ADVERTISINGID]=&prf[IDFA]=&prf[paadformat]=728x90&prf[paappid]=&prf[paauction]=1169128554313985298&prf[pacarrier]=1&prf[paclickid]=&prf[padevice]=0&prf[padevid]=&prf[padsp]=apx&prf[padspuserid]=6212074435349714829&prf[pageolat]=&prf[pageolon]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https://forward.com/&prf[pasource]=&prf[passp]=10264&prf[pasupplytype]=0&prf[pavendor]=&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqPxKtptA5lDkQjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAlSQ4oQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABKf%2DgjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3MUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3NzE%3D%2Fbn%3D93239%2Fclickenc%3D
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4787253&gdpr=0&gdpr_consent=&prf[paappid]=&prf[padevid]=&prf[IDFA]=&prf[ADVERTISINGID]=&prf[pasource]=&prf[paplacementid]=6063205&prf[papublisherid]=1654713&prf[paref]=https%3A%2F%2Fforward.com%2F&prf[pasupplytype]=0&prf[padsp]=apx&prf[padevice]=0&prf[paadformat]=728x90&prf[pavendor]=&prf[paclickid]=&prf[pacarrier]=1&prf[paauction]=1169128554313985298&prf[pageolat]=&prf[pageolon]=&prf[padspuserid]=6212074435349714829&prf[passp]=10264&keyword=[mtp](cid)406782912[AAID][IDFA][u]https%3A%2F%2Fforward.com%2F[p]1654713[mtp](segc)&clickurl=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8_Rxz1wmt_5D_H155ZEqDqPxKtptA5lDkQjRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAlSQ4oQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABKf-gjJo5YaEMCH_MEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3MUCIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3NzE%3D%2Fbn%3D93239%2Fclickenc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
a29fdbb2ddb4bc74c7197d5f9cfc38eab7da2a0b998e704c3124875e570ebb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:29 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame F51F 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 01:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 01:33:10 GMT
main.19.8.377.js
static.adsafeprotected.com/ Frame BCC6 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1218281/67368266/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987051
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
V7CixErbKtgUYHzwL0aRd_YFnEsuh_KKHb36-JvqvTqYxucV0IRmiw==
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame BCC6 		2 KB
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7180654637069372426&btr=true&pos=top-right&cid=13779&aid=13779
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kwqcltffp&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
f36d8e02503382092264c1682e3b8d3c8758f87e077bf3bd84f8cf0914239f01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
br
content-length
613
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame F4B0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kwqcltffp&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53037
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 264419
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220059-HHN
X-Timer
S1671876449.123606,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame BCC6 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLsDPRuAmwGAAADANYABQEI1p6bnQYQoMSctdOJ--pxGI2vuKqTme6aVio2CcqvFeM0JOA_Ebvu8u1w2tg_GQAAAIAUruc_IUcc9cJrf-Q_KcfXnlkSoOo_MQAAAEDheoQ_MPmGhQw4mFBAsAlIAlC8h_zBAViezX9gAGix8pcBeIHYBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA5ODExNzAsIDApO3VmKCdpJywgNzg4MjczMCwgMCk7dWYoJ2cnLCAxOTg4NTYyNSwgMCk7dWYoJ3MnLCAyODA4OTA2NTksIDApO3VmKCdyJywgNDA2NzgyOTA4LCAwKTuSArkEITBHa3gzd2pKbzVZYUVMeUhfTUVCR0FBZ25zMV9NQUE0QUVBQVNMQUpVUG1HaFF4WUFHQzlCbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCSnh4QnZ0Y1c2VF9CQWJWYy1MSVBvT29feVFFQUFBQUFBQUR3UDlrQlNETVdUV2NuN2pfZ0FlcVA0UVAxQWJpMlNELVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJbnQyeEp4QUJHQUl0QUFEQVFLSUREZ2llM2JFbkVBc1lBaTBBQU1CQXVnTUpSbEpCTVRvMU16RTU0QU9JTUlBRTFlVHdDWWdFM3VUd0NaQUVBSmdFQWFBRUZNRUVBQUFBQUFBQUFBREpCQUFBQUFBBRMYMkFRQThRUQUMBQF4SWdGeHltWUJhT2EtSVVCcVFWSU14Wk5aeWZ1UDdFRgUkBQEIREJCETdAQmhBeVFVQUFBQ2c1TG5BUDkyKAAAWhUouFBBXzRBV0VpZ1h3QmJuY3ZRbjRCYkx4TzRJR0EwVlZVb2dHQkpBR0FaZ0dBS0VHBWcFASRDb0JnU3lCaVFKBQ8JAQBSCQcFAQBaBQYJAQBoCQcBAahDNEJnby6aApkBIS1oRnQtQWpKbzVZYUVMeUhfTUVCR0o3TmZ5QUFLQUF4AS8NAUw2Q1VaU1FURTZOVE14T1VDSU1FbDkFBDFFDScQQUFBRmsBBgkBAEcdGABHHRgASB0YEEhnQWlRERDwcUR3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhAKBkFEVl9JRBIGOTgxMTcw8gISCgZDUEdfSUQSCDE5ODg1NjI18gISCgVDUF9JRBIJMjgwODkwNjU58gINCghBRFZfRlJFURIBMAUQOFJFTV9VU0VSEgEw8gIMCgUgFENPREUSAAUPAVkRDxALCgdDUBUOEBAKBUlPAYgMBzc4OGHbAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0ACRXZ8LCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4xMjAwI0ZSQTE6NTMxOdoEAggB4AQB8AS8h_zBAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAABDHQAANgFAeAFAfAFygH6BQQIABAAkAYAmAYAuAYAwQYJIijwP9AG8wPaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeB2AXSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=bebc2500f9da8e1ada6f0ff02e73ecbad8d58d41&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkwqcltffp%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkwqcltffp%26e%3D1971603729092&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kwqcltffp&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
667a9878-85ae-433b-8943-ab57f75df70e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame FA8A 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
css
fonts.googleapis.com/ Frame 703C 		2 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2776815936793873956/e679d3fffbc33a58b9ed513096866bfa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 09:40:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:29 GMT
css
fonts.googleapis.com/ Frame 703C 		2 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2776815936793873956/e679d3fffbc33a58b9ed513096866bfa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 09:42:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:29 GMT
a9183a0311c9e9184175d3d12d600c88.jpg
s0.2mdn.net/sadbundle/2776815936793873956/media/ Frame 703C 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2776815936793873956/media/a9183a0311c9e9184175d3d12d600c88.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed6e978ee9016807775c7562f72055e003efc79d87b19e8577042c1c84a7380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 14:25:40 GMT
x-content-type-options
nosniff
age
502909
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109321
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 10:31:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 14:25:40 GMT
ca6a7e71b5524c03d6c56e4b30ba8967.jpg
s0.2mdn.net/sadbundle/2776815936793873956/media/ Frame 703C 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2776815936793873956/media/ca6a7e71b5524c03d6c56e4b30ba8967.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e23424c98aa13582f401c1bbd9b5d880d49109ef583bc41c585a68d128ecca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 05:29:49 GMT
x-content-type-options
nosniff
age
189460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86187
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 10:31:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 05:29:49 GMT
9e00525871cb7736e652d05d5206493c.svg
s0.2mdn.net/sadbundle/2776815936793873956/media/ Frame 703C 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2776815936793873956/media/9e00525871cb7736e652d05d5206493c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a2736d645ee3c9e999a46c25f115f41ba6a1006ea60c2a554d0c00ae0ad8e80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 20:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566071
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3101
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 10:31:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 20:52:58 GMT
7d7b59ad1cfa91f094797880d184f1ca.svg
s0.2mdn.net/sadbundle/2776815936793873956/media/ Frame 703C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2776815936793873956/media/7d7b59ad1cfa91f094797880d184f1ca.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50a82207bae5191acfdffb7146bdeb799661c6357d6cfa01727fc5a18490e118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2776815936793873956/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 13:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594274
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1286
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 10:31:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 13:02:55 GMT
vevent
fra1-ib.adnxs.com/ Frame A6EE 		0
948 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&e=wqT_3QKFC_BMhQUAAAMA1gAFAQjXnpudBhCY-dHlqLS6zlwYja-4qpOZ7ppWKjYJehSuR-F6lD8RINJvXwfOiT8ZAAAA4HoU5j8hINJvXwfOiT8pexQJJNAxAAAAQOF6pD8w5a3IDDiRV0CrWkgCUIqI5WNYsPOfAWAAaLDSwQF4tNgFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaHVmKCdhJywgNDM4ODc3OSwgMCk7dWYoJ2knLCAzODQxMTY3LCAwKQUULGcnLCAxMTEwNTI1NxUpAGMFKRQ4MDczMjYVFSxyJywgMjA5MjczODYJFvC2kgKxBCFEMmhHeGdpZXpzQVNFSXFJNVdNWUFDQ3c4NThCTUFFNEFFQUFTS3RhVU9XdHlBeFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFxZ0JBckFCQUxrQkkwY0hxbXRNa3pfQkFkYmFYT2poZXBRX3lRRUFBQUFBQUFEd1A5a0JTRE1XVFdjbjdqX2dBWS01NmdIMUFRclhvenlZQWdDZ0FnSzFBZ0FBQUFDOUFnATnwi0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0SWpzaS1KeEFFR0FFdHZSeXJPYUlERXdqU2xPSWdFQW9ZQVMzckhZNF9NZ04xYm5HNkF3bEdVa0V4T2pVMk9EbmdBNGd3Z0FTOTNNQURpQVNYM2NBRGtBUUFtQVFFd1FRQUFBAZAUQUFBTWtFAQcJARhEWUJBRHhCCQ0FARxpQVc1TEtrRgUNIEFBQThELXhCUQEKCQEId1FVCQkBAQBNLigABF9SLigAADIVKPBDRHdQLUFGMEFfd0Jlbm5wUVg0QmF2dml3S0NCZ05GVlZLSUJnQ1FCZ0dZQmdDaEJuc1Vya2ZoZXBRX3FBWUVzZ1lrQ1EBbQkBAEUdjABHHQwASR0MOHVBWUuaApkBIWloVUtJdzY1AthzUE9mQVNBQUtBQXhleFN1Ui1GNmxEODZDVVpTUVRFNk5UWTRPVUNJTUVsSU14Wk5aeWZ1UDFFCX4BAQRGawEGCQEARz1MAEcdGABIHRgMSGdBaS5JAvQ-AXcuLtgCAOAC35dV6gJLaHR0cHM6Ly9mb3J3YXJkLmNvbS9uZXdzLzUyOTEzMC9nZW9yZ2Utc2FudG9zLWpld2lzaC1saWUtZ2VuZWFsb2d5LXJlY29yZHMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD8NKSAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTE1NjMjRlJBMTo1Njg52gQCCAHgBAHwBIqI5WOIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa1RNoGFgoQAAABQRkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHtNgF0gcNCREoASYM2gcGCAUJaOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=59660755ef0a7bbd3bcf6c0577f8fc08d1a9185f&type=nv&nvt=5&jm=1003&px=10&py=6881&bw=300&bh=250&sid=6569294401678229300&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26351333&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=7739&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
37ea009a-a52f-4512-b5d3-a52e63cfe7fe
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://forward.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame BAFD 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
ca
choices.truste.com/ Frame 0694 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=26683479&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-7.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
9e02a9e90bcaa24ed5811c94d06e62db04898f388eda54f0872609c11c22531d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
age
76463
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8037
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
Pg_X6feElPLmxcmJp8BKqipePAd_fZV3JbY31jp8XSvCZGi9VMx83Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0694 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 10:07:29 GMT
index.html
s0.2mdn.net/sadbundle/15430684408566409259/ Frame F4C7 		19 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15430684408566409259/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edbcd1542ddf12f60bca4cb783d5c80d1e4b01ab1dd2a31f3bd9cf5774ed6524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
525838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4462
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Dec 2022 08:03:31 GMT
expires
Mon, 18 Dec 2023 08:03:31 GMT
last-modified
Sun, 22 May 2022 10:01:36 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0694 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoSZV2cdBfKna-pM0rt_ehMDlvZG6GtM222-i7EKwbWMCRV1gThLv3WkUN-6JyIyWU8WG4EMMEL6SzgJwAwrO6WsKrXxxyd8ha_FVFims2QjohUF3KCxBLVa1jtABjWvUhSAkFLFwdVBJfDC5XzrH30Fg&sai=AMfl-YQRJ5lxKU1YkuPIlfCrXkJ1SyypPmKG7SYQ_5cbtcwf53r9aOpEf95kuLIII25wTCmKwHhtpyqpyx89McK_wWDaaTeX0Cn_j-ilYQMw&sig=Cg0ArKJSzBebYt3CDFhyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2247&cbvp=1&cstd=2245&cisv=r20221207.82997&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 10:07:29 GMT
dcm
beacon.sojern.com/imp/ Frame 0694 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=4512479597910238743&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=322267861&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pqhllppa&e=1544311770728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Sat, 24 Dec 2022 10:07:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
css
fonts.googleapis.com/ Frame 0E58 		2 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8627345791007471973/4d684d06a5ab2eaa1dd91864ea416638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 08:57:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:29 GMT
css
fonts.googleapis.com/ Frame 0E58 		2 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8627345791007471973/4d684d06a5ab2eaa1dd91864ea416638.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 08:34:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:29 GMT
26e7085d4fe870f04f6e40ee6c15ba2b.jpg
s0.2mdn.net/sadbundle/8627345791007471973/media/ Frame 0E58 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8627345791007471973/media/26e7085d4fe870f04f6e40ee6c15ba2b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950dc5e40546bbe045d04eadb6da4d1bc273deeb14715ccfd9d22872071b411e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 17:27:15 GMT
x-content-type-options
nosniff
age
405614
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85046
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 14:09:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Dec 2023 17:27:15 GMT
885d174020a3cfb7a9a3415948fc9e70.jpg
s0.2mdn.net/sadbundle/8627345791007471973/media/ Frame 0E58 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8627345791007471973/media/885d174020a3cfb7a9a3415948fc9e70.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aaea7fc05b68f81c92d9a73ddb28cffdbb3664d6ec802435ab3a6f14544d05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 11:05:34 GMT
x-content-type-options
nosniff
age
514915
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61630
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 14:09:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 11:05:34 GMT
9e00525871cb7736e652d05d5206493c.svg
s0.2mdn.net/sadbundle/8627345791007471973/media/ Frame 0E58 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8627345791007471973/media/9e00525871cb7736e652d05d5206493c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a2736d645ee3c9e999a46c25f115f41ba6a1006ea60c2a554d0c00ae0ad8e80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3101
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 14:09:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Dec 2023 10:07:29 GMT
6afeb4c633da6b40b2d6b8eb1a8f45b4.svg
s0.2mdn.net/sadbundle/8627345791007471973/media/ Frame 0E58 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8627345791007471973/media/6afeb4c633da6b40b2d6b8eb1a8f45b4.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7601ea78dd10893b626d1a00ee2527e6da2b9d2078b0caa4202a6af734da0aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8627345791007471973/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 11:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1097
x-xss-protection
0
last-modified
Tue, 25 Aug 2020 14:09:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 11:54:12 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 70D3 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 2C43 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
css
fonts.googleapis.com/ Frame CB79 		1015 B
426 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8820714032462456054/4a8c088ddbaf19de3b1550de9d1a1ddc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2985f8e39270c409883a48f4a656e99d2bfd3aa8aa28d19583f36263d59a6d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 09:41:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 10:07:29 GMT
bc9f8d33686bbdfe755886505037848e.jpg
s0.2mdn.net/sadbundle/8820714032462456054/media/ Frame CB79 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8820714032462456054/media/bc9f8d33686bbdfe755886505037848e.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31fad68936d2867446a310ad3cb804ac96e7f269c9875fdf053812b0a242ea37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 11:03:49 GMT
x-content-type-options
nosniff
age
515020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22505
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 03:40:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 11:03:49 GMT
b13eb8b79b5820f70b42e1eede02062a.jpg
s0.2mdn.net/sadbundle/8820714032462456054/media/ Frame CB79 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8820714032462456054/media/b13eb8b79b5820f70b42e1eede02062a.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c5108bcc859c7707fd3881de37302d16da1bf5b1b9514245503674274f5ce11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 02:26:52 GMT
x-content-type-options
nosniff
age
546037
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40652
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 03:40:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 02:26:52 GMT
a7c814f6c9e6e3515a4307429e3dfceb.svg
s0.2mdn.net/sadbundle/8820714032462456054/media/ Frame CB79 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8820714032462456054/media/a7c814f6c9e6e3515a4307429e3dfceb.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93c60c5e811a3167be77549da632cbc9c83dc84913af1f3d598be0b332f3452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 11:02:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515106
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1889
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 03:40:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 11:02:23 GMT
648e1a54f3344eb3735e7f54c931b18f.svg
s0.2mdn.net/sadbundle/8820714032462456054/media/ Frame CB79 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8820714032462456054/media/648e1a54f3344eb3735e7f54c931b18f.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1ce41d9568f496ed2c373cd6c7235bc603991d71061299474a362fa8c671d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 14:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
504429
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2108
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 03:40:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 14:00:20 GMT
8957d96987db61932288c098a803e5e6.svg
s0.2mdn.net/sadbundle/8820714032462456054/media/ Frame CB79 		2 KB
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8820714032462456054/media/8957d96987db61932288c098a803e5e6.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c56742d514c4231384aee359084d47c9e45ae27587f2b99fb7a11b3fcda07fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8820714032462456054/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505447
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
854
x-xss-protection
0
last-modified
Sat, 05 Sep 2020 03:40:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 13:43:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D13C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
289736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1A45 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f08400e1aef7432a2ba1bfd755193f59370ce42007b564162f17f99efed0998b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Msk7wseWwzokdJVo-symkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-Msk7wseWwzokdJVo-symkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Sat, 24 Dec 2022 10:07:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
async_usersync.html
acdn.adnxs.com/dmp/ Frame CC56 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hnhz&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53037
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 264421
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220059-HHN
X-Timer
S1671876449.209738,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 5B10 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLbDPBMWwYAAAMA1gAFAQjXnpudBhD18IevtJ6Bt30Yja-4qpOZ7ppWKjYJXwfOGVHaWz8RHOTzXyfCVD8ZAAAAgD0K7z8hHOTzXyfCVD8pYAcJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCg7IB_WJ7Nf2AAaLHylwF49NgFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNTEyNjI3NCwgMCk7dWYoJ2knLCA1MjY5ODA3LBEUMGcnLCAxMzcwNjg1NywRFTByJywgMjY2MzUyMTYwBRb0FwGSAqUEIUpHTTVjd2pWbjRJWEVLRHNnSDhZQUNDZXpYOHdBRGdBUUFCSTZqOVFsNGVGREZnQVlMMEdhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhZSkpzTklkQmJQOEVCMkNTYkRTSFFXel9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQnI5TEJBdlVCQ3RjalBKZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVVpTUVRFNk5UWTNPZUFEaURDQUJJU2NuUVdJQkxib3B3V1FCQUdZQkFHNkJCb0loUVFSQUFBAZoQQTBEOFoFCQkBHGdnc2FMRHNFEa0UQTBEX0pCCRwFARQyQVFBOFER2WBBQUFJZ0ZyeXlwQlVnekZrMW5KLTRfc1FVARoJASxNRUZleFN1Ui1GNmgBTAE7HENDWnVzVV8wLigACE5rRgkx8EZBQThEX2dCYW9COEFYcHpNUUctQVdDOGJnQ2dnWURWVk5FaUFZQWtBWUJtQVlBb1FaN0ZLNUg0WHFFUDZnR0JMSUdKQWtBQRFNAEIVywxBQUJrERYIQUFDHRhETGdHQ2cuLpoClQEheFJTYXZnNikCKG5zMV9JQUFvQURGGW1Mem9KUmxKQk1UbzFOamM1UUlnd1MB3QEBDFBBX1URDAxBQUFXHQwAWREMDE5BX2ERDAxBQUFjHQwQZUFDSkERELhQQV_YAgDgApuFTuoCFGh0dHBzOi8vZm9yd2FyZC5jb20v8gIRCgZBRFZfSUQSB205MPICEgoGQ1BHX0lEEghxJRjyAgoKBUNQARQYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQABEJIDxDT0RFEgU1NzY2OfICIwoIAVYFFBgXMDBrM3AwAQFMdXh3T3dBQUlfZW5fNfICCwoHQ1AJJRwA8gIQCgVJTwF1AAdtwhjyAh0KB0lPCSEMEjAwNg1GYHhhc1NsQUFJ8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjgxNzAjRlJBMTo1Njc52gQCCAHgBAHwBKDsgH-IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAQx4AADYBQHgBQHwBZeCLfoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AboKdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB_TYBdIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=529d570a3576c45b5357f1fc96c7d26e0c56d346&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhnhz%26e%3D1544311770728,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhnhz%26e%3D1544311770728&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hnhz&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
80ac7f87-db45-457f-940b-d86ee1b95809
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
B23339705.257557214;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=2676217695102160909;crid=271391539;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24...
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 07FC 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B23339705.257557214;dc_ver=92.271;sz=728x90;u_sd=1;gdpr=0;aucid=2676217695102160909;crid=271391539;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=1605363755;ord=t7e5vg;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fv9TPm4pUiD_ECJLUESKCPwAAAIA9Cu8_xAiS1BEigj-_1M-bilSIPw3QLYLQ1SMljRdONcm4NVZaz6ZjAAAAAJdDgQEYKAAA6h8AAAIAAAAzGy0QnuYfAAAAAABVU0QARVVSANgCWgAx-QAAAAABAQUCAAAAAMoAQiTUqQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25215hWWJwjYrZAXELO2tIEBGJ7NfyAAKAAxmpmZmZmZuT86CUZSQTE6NTY4OUCIMEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNGUkExOjU2ODk%3D%2Fbn%3D93235%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fforward.com%2F$0;xdt=1;crlt=SGqX)'TyIK;gcsr=m;stc=1;chaa=1;sttr=1439;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
8a76e8c272bd9de2cb16e64d1a603192b22d0b3eb83d76f1ba1bb03e9b44d60c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28161
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.377.js
static.adsafeprotected.com/ Frame 9A69 		199 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.377.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1218281/67368266/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:56:39 GMT
x-amz-version-id
dX.ebh6MRkbxhfqjxJgTQokuZG2AvCpL
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
987051
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 16:54:47 GMT
server
AmazonS3
etag
W/"6021cd2c4605b3ba4a8f0769ad2e5fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
S9q2tkECEfScSsEl2ghDzJHTjq-f6ZLqHF74DS6q-MEe-0i5ovZMuQ==
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame 9A69 		2 KB
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7180654637074942986&btr=true&pos=top-right&cid=13779&aid=13779
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tnpxzjf&e=1971603729092
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
d9a7d14f97a711fdb669a8f49951bfee07659988cd965c4c2416174038236ed2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
br
content-length
607
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame C438 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tnpxzjf&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53037
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 264423
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220059-HHN
X-Timer
S1671876449.340529,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 9A69 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLoDPQhA2gGAAADANYABQEI1p6bnQYQscGZ1quur7ZnGI2vuKqTme6aVio2CZJqznA7FOA_ESJTu1PYwdg_GQAAAIAUruc_IUfFxpfsauQ_KRMPKJtyheo_MQAAAEDheoQ_MPmGhQw4mFBAsAlIAlC8h_zBAViezX9gAGix8pcBeMzYBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJodWYoJ2EnLCA5ODExNzAsIDApO3VmKCdpJywgNzg4MjczMCwgMCk7dWYoJ2cnLCAxOTg4NTYyNSwgMCk7dWYoJ3MnLCAyODA4OTA2NTksIDApO3VmKCdyJywgNDA2NzgyOTA4LCAwKTuSArUEIUIyZ09SZ2pKbzVZYUVMeUhfTUVCR0FBZ25zMV9NQUE0QUVBQVNMQUpVUG1HaFF4WUFHQzlCbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCQXZkeVRjVDk2RF9CQVd1S2h6OXpoZW9feVFFQUFBQUFBQUR3UDlrQlNETVdUV2NuN2pfZ0FlcVA0UVAxQVJ6dVJ6LVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3R2lBdzRJbnQyeEp4QUJHQUl0QUFEQVFLSUREZ2llM2JFbkVBc1lBaTBBQU1CQXVnTUpSbEpCTVRvMU1qazQ0QU9JTUlBRTFlVHdDWWdFM3VUd0NaQUVBSmdFQWNFRUFBQUFBQUFBQUFESkJBQUFBQUFBQUFBQTJBUUE4UVFBQUFBQUFBQUFBSWdGc2ltWUJhT2EtSVVCcVFWSU14Wk5aeWZ1UDdFRkFBQUFBQUFBQUFEQkJRQUFBQUFBQUJoQXlRVUFBQUFBTGFuQVA5RUZBQUFBQUFBQUFBRFpCUUFBQUFBQUFQQV80QVdfaHdYd0JibmN2UW40QmJMeE80SUdBMFZWVW9nR0JKQUdBWmdHQUtFR0FBQUFBQUFBQUFDb0JnU3lCaVFKQUEJxgxBQUFSAQUNAQBaDQgBAQBoAQUJAVRDNEJnby6aApkBIUFCSVgtZ2pKbzVZWTkoSjdOZnlBQUtBQXgJMQUBYDZDVVpTUVRFNk5USTVPRUNJTUVsSU14Wk4lBQQxRQUlBQEERmsFBwUBAEcdGABHHRgASB0YEEhnQWlRERDwcUR3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS_yAhAKBkFEVl9JRBIGOTgxMTcw8gISCgZDUEdfSUQSCDE5ODg1NjI18gISCgVDUF9JRBIJMjgwODkwNjU58gINCghBRFZfRlJFURIBMAUQOFJFTV9VU0VSEgEw8gIMCgUgFENPREUSAAUPAVkRDxALCgdDUBUOEBAKBUlPAYgMBzc4OGHXAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0ACRXZ8LCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4xMjAwI0ZSQTE6NTI5ONoEAggB4AQB8AS8h_zBAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAABDHQAANgFAeAFAfAFygH6BQQIABAAkAYAmAYAuAYAwQYJIijwP9AG8wPaBhYKEAkRGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfM2AXSBw0JESgBJgjaBwYBXXAYAOAHAOoHAggA8AeWxQOKCAIQAJUIAACAP5gIAQ..&s=62334f2d391adc0c7bfa24b5494e8fb6e7ea509d&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtnpxzjf%26e%3D1971603729092,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtnpxzjf%26e%3D1971603729092&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tnpxzjf&e=1971603729092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
e37d7439-f2cd-488a-95f4-c4b15b1910e3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame E538 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
vevent
fra1-ib.adnxs.com/ Frame A4FA 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKoCvBMKAUAAAMA1gAFAQjWnpudBhDlyfuFx9nckjcYja-4qpOZ7ppWKjYJpk5AE2HDgz8RinaU0Wh1fT8ZAAAAgBSu5z8hinaU0Wh1fT8ppU4JJPCBMQAAAEDheoQ_MPmGhQw4mFBA6j9IAlDlyuVyWJ7Nf2AAaLHylwF4rIgGgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDQ4MTkzNjksIDApO3VmKCdpJywgNDgyNDc0MRUULGcnLCAxMjczNDk3MRUVMHInLCAyNDA3Mzk2ODUFFvQXAZICpQQhSDJ0cVF3aTkzTlFWRU9YSzVYSVlBQ0Nlelg4d0FEZ0FRQUJJNmo5US1ZYUZERmdBWUwwR2FBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRSFBFS0RWX01HRFA4RUJ6eENnMWZ6Qmd6X0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCcGIybUF2VUJ6Y3pNUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TmpZeU1lQURpRENBQklmcnhRU0lCTmJ3eXdTUUJBR1lCQUc2QkJvSWhRUVJBQUEBmhBBMEQ4WgUJCQEcZ2dzYUxEc0URrRRBMERfSkIJHAUBFDJBUUE4URHZYEFBQUlnRjNUT3BCVWd6RmsxbkotNF9zUVUBGgkBGE1FRm1wbVoBAhB1VF9KQgE7HEVCN3NyZ18wLigACE5rRgkxyEFBOERfZ0JjVUg4QVg3bzRrRy1BV3BrNllDZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbQVeMG01UDZnR0JMSUdKQWsRSwhBQUIVywxBQUJrGRgAQx0YRExnR0NnLi6aApUBIWxoWnFhZzYpAihuczFfSUFBb0FERxltTHpvSlJsSkJNVG8yTmpJeFFJZ3dTAd0BAQxQQV9VEQwMQUFBVx0MAFkRDAxOQV9hEQwMQUFBYx0MEGVBQ0pBERDw9VBBX9gCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NjYyMdoEAggB4AQB8ATlyuVyiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGAAUlKPA_0AboKdoGFgoQBRAdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB6yIBtIHDQkRKQEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=c03dbf243cae674b3f2fe2ec028f4c3cc360d0da&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&sw=1600&sh=1200&pw=1600&ph=250&ww=1600&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
eaaf42aa-acb5-458e-af30-0e5c3531aec6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F597 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
83ffa362-ae25-4d82-9e14-35fb8964fae7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6800 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
99718fe8-cf77-4683-92dd-46683f7efb0d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame ABF1 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
async_usersync
ib.adnxs.com/ Frame 699A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
846c4683-ea0b-4f22-b357-edd715e1d077
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9BC9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9BC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJvpYLWrz257LCcgL841fl9TcEKZ6cH5yvA728JGKs9NaelAS1zDaVSxLB133r75aWoKITrb1nBnHozPkYjBP0QrgSj665QmRf7xh%2BC1hahpYsu8Dj8R6lgo%2FTs86RMRGH3lzD31PTi9Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e887c5efde9a1d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ57NvDKF-zGmN4-Sfn3qpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9BC9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203
dpm.demdex.net/ Frame 9BC9 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6bPWOa4eXFjFoTtryyD1wAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.144.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-144-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-09e3db1c5.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
j4OHTtXjTF0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9BC9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
date
Sat, 24 Dec 2022 10:07:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bridge
cm.adgrx.com/ Frame 9BC9 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-10
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9BC9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bPWOa4eXFjFoTtryyD1wAABLMAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:965e:3ef:16d0:9a4c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ix
ad4m.at/ad/sim/ Frame 9BC9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9BC9 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bPWOa4eXFjFoTtryyD1wAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
5293
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e887c58e432c06-FRA
content-length
43
expires
Sun, 25 Dec 2022 10:07:30 GMT
sync
ap.lijit.com/ Frame 4ABA 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=1051987&width=728&height=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fcc5ada8cc56a76efada75936c6a614116a2e339ac18c72322a4ccce8057c93d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 17:52:05 GMT
Server
nginx
ETag
W/"6390d2c5-14179"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
X-Sovrn-Pod
ad_ap1ams1
Expires
Sun, 25 Dec 2022 10:07:29 GMT
sync
ap.lijit.com/ Frame DB03 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=1051987&width=728&height=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fcc5ada8cc56a76efada75936c6a614116a2e339ac18c72322a4ccce8057c93d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 17:52:05 GMT
Server
nginx
ETag
W/"6390d2c5-14179"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
X-Sovrn-Pod
ad_ap1ams1
Expires
Sun, 25 Dec 2022 10:07:29 GMT
async_usersync
ib.adnxs.com/ Frame 7AE1 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
1eb7ed99-9f3f-413f-9b86-8367fd37240b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1D9A 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
3352fa5b-25eb-4056-94a9-35179667bee4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1CC5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53038
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 264424
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220059-HHN
X-Timer
S1671876449.436509,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame B012 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
419
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887c0feea2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Sat, 24 Dec 2022 14:07:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E327 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157691
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9CD8 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B3FF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157691
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B74B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53037
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271609
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220042-HHN
X-Timer
S1671876449.447743,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 566A 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D240 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
419
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887c10f2e2bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Sat, 24 Dec 2022 14:07:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame CE88 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 5DDA 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
banner
ad2.adfarm1.adition.com/ Frame 7DB7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=3935728&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Djxkpnhr%26e%3D1544311770728&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Djxkpnhr%26e%3D1544311770728&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.124%20Safari/537.36&os=17&browser=11&userid=7180654624183416986&kid=5357536&kw=PACS%5F4751363%5F16301114&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fk653z5Oysz%5FLwY9BKFSuPwAAAIA9Cu8%5FKcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654649936841738%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4751363%2526kid%253D5371872%2526bid%253D16301114%2526c%253D58636%2526keyword%253D%25255Bmtp%25255D%252528cid%252529370276156%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=3935728&gdpr=0&gdpr_consent=&ts=7180654649936841738&kid=5357536&keyword=PACS_4751363_16301114&clickurl=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fk653z5Oysz%5FLwY9BKFSuPwAAAIA9Cu8%5FKcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654649936841738%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4751363%2526kid%253D5371872%2526bid%253D16301114%2526c%253D58636%2526keyword%253D%25255Bmtp%25255D%252528cid%252529370276156%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
7d68346937239319750a04e6e3e8feaef521d80f533f889fa82426effb3e7640

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:07:29 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame ABF2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pjbsvsf&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53038
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 264425
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220059-HHN
X-Timer
S1671876449.483456,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 3CF9 		0
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QLeDPBMXgYAAAMA1gAFAQjXnpudBhC8v76dkdvgtEIYja-4qpOZ7ppWKjYJYmLzcW2oiD8RZv-sz5Zggj8ZAAAAgD0K7z8hZv-sz5Zggj8pY2IJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCEg9eLAViezX9gAGix8pcBeKDZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAlN1ZignYScsIDI5Mzk3MDcsIDApO3VmKCdpJywgMzgxMTA3NhUULGcnLCAxMTcxNjk2NxUVFHInLCAyOQECCDkyNAUW8IuSAqUEIVNXdERRQWpNc01RVEVJU0QxNHNCR0FBZ25zMV9NQUE0QUVBQVNPb19VSmVIaFF4WUFHQzlCbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCNkwta3ltYW1pRF9CQWVpX3BNcG1wb2dfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBWVRPNkFIMUFjM016RDJZQWdDZ0FnRzFBZwEjBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsR1VrRXhPalUwTkRuZ0E0Z3dnQVRxZ2NBRGlBVHRvTzBEa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJja3FxUVZJTXhaTlp5ZnVQN0VGGSAYREJCWnFabQECFGJrX3lRVQE0GEFfOC0tUDkyKAAEWkIRZ8BQQV80QVcwQ2ZBRjU1TExCZmdGdTdhekFZSUdBMVZUUklnR0FKQUdBWmdHQUtFR21wBV4wWnVULW9CZ1N5QmlRShmABEFSHQwAWh0MAGgZDEBDNEJnby6aApkBITBoV0pJQTopAihKN05meUFBS0FBeBltUDg2Q1VaU1FURTZOVFEwT1VDSU1Faw1UDER3UDE9JABGERgMQUFBRxEYDERRUDIdGABIERgYQUFBSGdBaS49AvBDdy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL_ICEQoGQURWX0lEEgcyOTM5NzA38gISCgZDUEdfSUQSCDFtKUTyAgoKBUNQX0lEEgEw8gINCggBNgxGUkVRERAcUkVNX1VTRVIFEAARCSA8Q09ERRIFMzA2NDbyAiAKCAFWBRQYFDAwazM5MAEBQHA1OTFUQUFRXzLyAgsKB0NQCSIcAPICEAoFSU8BcjgHMzgxMTA3NvICHQoHSU8JIQwSMDA2DUNgckhNQ1ZBQTTyAhMKD0NVU1RPTV9NT0RFTAE9FADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8LABMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOODE3MCNGUkExOjU0NDnaBAIIAeAEAfAEhIPXiwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAFpccs-gUECAAQAJAGAJgGALgGAMEGCSQo8D_QBugp2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHoNkF0gcNCREoASYI2gcGAV1wGADgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=7d8a9232e5110f0878a1bc4b8418ffd150f89310&bdref=https%3A%2F%2Fforward.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fforward.com%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dpjbsvsf%26e%3D1544311770728,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dpjbsvsf%26e%3D1544311770728&
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pjbsvsf&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
5604d587-2016-4351-b78b-7dfc58e8c160
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 87D9 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
a4818fc0-279f-44ea-b7a5-ec9d786842d8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame EB94 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E477 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
419
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e887c15fb92bd2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Sat, 24 Dec 2022 14:07:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1A9F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53037
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 10:07:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 271610
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220042-HHN
X-Timer
S1671876449.493883,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D83F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157691
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 10:07:29 GMT
expires
Mon, 26 Dec 2022 05:55:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 582D 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 0189 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:29 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame B7EB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 10:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 10:16:47 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 8E6D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 10:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 10:16:47 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 0332 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 10:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 10:16:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 37B9 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b16d376b325f38249de8eb4a440f3dc6d85ab2655b0b2fdf53fd090d91037fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5645
x-xss-protection
0
ft.stat
stat.flashtalking.com/reportV3/ Frame 0E9D 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;28432533-306-0-547141C502C1FA-307692012
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:29 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame F2A8 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;28432533-306-0-547141C502C1FA-670822106
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:29 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 0385 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 10:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 10:16:47 GMT
vevent
fra1-ib.adnxs.com/ Frame D573 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKuCvBMLgUAAAMA1gAFAQjWnpudBhDw-NC55ZavvgUYja-4qpOZ7ppWKjYJ8FAU6BN5gj8RRiAgmBGJez8ZAAAAgBSu5z8hRiAgmBGJez8p8FAJJPCaMQAAAEDheoQ_MPmGhQw4mFBA6j9IAlCV4uuxAViezX9gAGix8pcBeL3YBIABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCAyOTQwNzg5LCAwKTt1ZignaScsIDQ4MjM5MzAsIDApO3VmKCdnJywgMTI3MjgyNzIsIDAJKfCacicsIDM3Mjk2MTU1NywgMCk7kgKlBCFEbVpHTndqSWhOUVZFSlhpNjdFQkdBQWduczFfTUFBNEFFQUFTT29fVVBtR2hReFlBR0M5Qm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkR6aUNNWDk2Z2pfQkFRODRnakZfZW9JX3lRRUFBQUFBQUFEd1A5a0IBCgEBdDhEX2dBZnEycGdMMUFjM016RDJZQWdDZ0FnRzFBZwEiBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsR1VrRXhPalUyT0RIZ0E0Z3dnQVRyMzhVRWlBU1h0c3NFa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJiRXNxUVZJTXhaTlp5ZnVQN0VGGSAYREJCWnFabQECQGJrX3lRVUFBQUJBSGhtM1A5MigABFpCEWfAUEFfNEFXR0JfQUYwTy1JQnZnRjliNnpBWUlHQTFWVFJJZ0dBSkFHQVpnR0FLRUdtcAVeMFp1VC1vQmdTeUJpUUoZgARBUh0MAFodDABoGQxAQzRCZ28umgKZASFYQlpFVmc6KQIoSjdOZnlBQUtBQXgZbVA4NkNVWlNRVEU2TlRZNE1VQ0lNRWsNVAxEd1AxPSQARhEYDEFBQUcRGAxEUVAyHRgASBEYGEFBQUhnQWkuPQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA44MTcwI0ZSQTE6NTY4MdoEAggB4AQB8ASV4uuxAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBferGfoFBAgAEACQBgCYBgC4BgDBBgklKPA_0AboKdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB73YBNIHDQkRKAEmDNoHBggFCWjgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=d3d56e3926c98c389b96ddb6a196d99405db962d&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=1425382271713132305&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248633&sw=1600&sh=1200&pw=1600&ph=250&ww=1600&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
c04d38fe-d19b-4ed5-8b81-a79c2b2f359d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 0F1F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64187
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame B404 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:29 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64187
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
df8b11594e2d0e5c459eaffb4d9dc13a.js
s0.2mdn.net/sadbundle/17869387440646609525/ Frame 1F66 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17869387440646609525/df8b11594e2d0e5c459eaffb4d9dc13a.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17869387440646609525/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eeb1b363904ff127777872ae332aa15167d4484a78435080cd98ec6f8140d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17869387440646609525/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 08:50:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19118
x-xss-protection
0
last-modified
Sun, 13 Jun 2021 08:51:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 08:50:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 301F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1984178023533098&rc=
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ft.stat
stat.flashtalking.com/reportV3/ Frame 434A 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?216800443-6162252;3290827;28432533-306-0-547141C502C1FA-135622770
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 10:07:29 GMT
skeleton.js
static.adsafeprotected.com/ Frame 0E9D
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?951933410&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js?951933410
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?951933410
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230627
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
BcXPSfoWxw5206vtKd2zV2Qyhv7L5y8U2LpRQu2VJENCNguuPowfVw==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?951933410
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 25DC 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=omaxbbue&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101873
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5fJK68V8qiGiLdm7YL-bolpD_HPOezjKJBhGdKm5mcN0nrzhcRYx2A==
skeleton.js
static.adsafeprotected.com/ Frame F2A8
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?420702640&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js?420702640
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?420702640
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230627
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
9lU8xvfRqOGGxQ_tG8tvGSzAi883vLaD1IDVjqpg4ki20OUNmprilg==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?420702640
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame CCF5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnekscbjcg&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101873
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
c8ZlOTdZMQO7WipGUD0hYolH2eX58k0jFySrJbCqSnp3sC4jwKBAAA==
vevent
fra1-ib.adnxs.com/ Frame A931 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCSr8ryp4fK11oYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNXXBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha0hnZWhRaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE14Ti1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjVXBtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaVJWS0pBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzE32gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfV1wXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=47daefe9c46a3f52b48db0accb93a4dc543a0e2c&type=pv&jm=1003&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
3fc09159-30ab-45e7-a233-32f39ba254b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 90BF 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDq8rnR6bepgVsYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeN_wBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha25pTWhnaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE14T09BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjWXBtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaWhXUUpBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQEVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzE42gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAff8AXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=00a3ae6a7ce490bd4bc009e881ed85cc9a3e4718&type=pv&jm=1003&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
c0897de4-c51f-499d-88eb-9fef5d31f15e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 9393 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCR--Cnvf3Eg24Yja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeIzZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhZlhpTmVBaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVE13TS1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJiY3BtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaEJYcklnOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1MzAz2gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeM2QXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=b0c0d118cc36b832edf1ea36c100861ce1762c0b&type=pv&jm=1003&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
4d1bafe5-4316-4e1c-8e97-769ae78bdc8e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 9936 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDN1dCf6oadpkoYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeMDZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhYm5oc2N3aXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVGMzT2VBRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJaTXRtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBPEM0QmdvLpoCmQEhbFJXZ0o-dQIsSjdOZnlBQUtBQXhQFW0EODYyWQFAVUNJTUVsSU14Wk5aeWZ1UDE9LARGawVnBQEARx0YAEcdGABIHRgMSGdBaS6JAvD1dy4u2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQONzMzNyNGUkExOjU3NznaBAIIAeAEAfAEoMXHnQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgAAASUo8D_QBrQl2gYWChABDy4BAHQQABgA4AYB8gYCCACABwGIBwCgBwHIB8DZBdIHDQkRKgEmDNoHBggFCWjgBwDqBwIIAPAHlsUDiggCEACVCAAAgD-YCAE.&s=631518fc29e8493b05c4eb565e045b114943da36&type=pv&jm=1003&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
a91231fb-74af-41ac-99bd-f8c23fcbf566
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 96B2 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhCu7LD2irbw7GAYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeNOGBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhY1hnbmN3aXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOalUxTS1BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJaa3ptQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhakJVbkpROnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQDBDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo2NTUz2gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfThgbSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=362de2b5e0574252731e67407d346547674d03dc&type=pv&jm=1003&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:29 GMT
AN-X-Request-Uuid
83b853b4-8a07-4771-b094-26d495739d17
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
static.adsafeprotected.com/ Frame 434A
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/992712/61653181/skeleton.js?618329399&adsafe_url=https%3A%2F%2Fforward.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fforward.com%2F&adsafe_type=c&adsafe_url=ht...
  • https://static.adsafeprotected.com/skeleton.js?618329399
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?618329399
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
H2
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8230628
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
McKtBxvPLrTfJkjJkx3VOAf-oEr5Zsu-VaWmya6gluzmjE4tGYX9aw==

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:29 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?618329399
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5ED3 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ppqndwhs&e=1544311770728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8101873
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
kSu5yzORm5lXSzT2b_K5oZjdj5_k6uqbkpHRDmtcvATudeCiyCWKGQ==
cc0c6aea4eb1691774290fc6cf5d76f9.js
s0.2mdn.net/sadbundle/15430684408566409259/ Frame F4C7 		71 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15430684408566409259/cc0c6aea4eb1691774290fc6cf5d76f9.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15430684408566409259/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa5f90a8b39fa758d891146e98c9292bd53fad6ad7f0f458d08b0ae3e084967f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15430684408566409259/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
504529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18321
x-xss-protection
0
last-modified
Sun, 22 May 2022 10:01:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 13:58:40 GMT
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=3f7b216e-2265-fe8c-d694-beffe1a4ac1c&tv=%7Bc:xHUzOE,pingTime:1,time:6977,type:p,im:%7Bimprf:%7Bttecl:8678,ecd:1088,tsecr:1749%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:3730%7D,%7Bpiv:100,vs:i,r:,t:5543%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1434,o:5543,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:3730,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1863~0%5D,as:%5B1863~728.90%5D%7D%7D,%7Bsl:i,t:5543,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1434~100%5D,as:%5B1434~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1721,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.992712-61653181%7C1n11%7C1n12%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1n1.9d7b8e3d-18ac-083d-530b-71e179fb993e.865_930248%7C1n1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:3732,sis:6569%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=3f7b216e-2265-fe8c-d694-beffe1a4ac1c&tv=%7Bc:xHUzOF,pingTime:1,time:6978,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:3730%7D,%7Bpiv:100,vs:i,r:,t:5543%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1435,o:5543,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:3730,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1863~0%5D,as:%5B1863~728.90%5D%7D%7D,%7Bsl:i,t:5543,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1435~100%5D,as:%5B1435~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1721,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.992712-61653181%7C1n11%7C1n12%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1n1.9d7b8e3d-18ac-083d-530b-71e179fb993e.865_930248%7C1n1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:3732,sis:6569%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vevent
fra1-ib.adnxs.com/ Frame 3A7C 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhC8ob3UlKu_tkYYja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeKXZBYABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQha1hqMmhRaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOVFEwTk9BRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJjUXFtQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEhaWhXVkpBOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQEVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo1NDQ02gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAel2QXSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=96e521e271c2832453674397daa5211ba471f6a2&type=pv&jm=1003&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:30 GMT
AN-X-Request-Uuid
e79a41e8-e984-418c-8bd6-36ff71cd80ef
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=83f3ab22-d8e3-dcc6-a856-f4ed86a77a42&tv=%7Bc:xHUzQv,pingTime:1,time:7077,type:p,im:%7Bimprf:%7Bttecl:8720,ecd:1060,tsecr:1817%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:3778%7D,%7Bpiv:100,vs:i,r:,t:5575%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1502,o:5575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:3778,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1835~0%5D,as:%5B1835~728.90%5D%7D%7D,%7Bsl:i,t:5575,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1502~100%5D,as:%5B1502~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1595,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.992712-61653181%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1o1.9e0a00f4-a1e9-4383-2735-964ffd17cedf.760_930248%7C1o1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:3779,sis:6657%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=83f3ab22-d8e3-dcc6-a856-f4ed86a77a42&tv=%7Bc:xHUzQw,pingTime:1,time:7078,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:3778%7D,%7Bpiv:100,vs:i,r:,t:5575%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1503,o:5575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:3778,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1835~0%5D,as:%5B1835~728.90%5D%7D%7D,%7Bsl:i,t:5575,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1503~100%5D,as:%5B1503~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1595,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g1%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.992712-61653181%7C1o11%7C1o12%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w1%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C1131%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C1172%7C1173%7C1174%7C1175%7C11811%7C11812%7C1182%7C1183%7C1184%7C1185%7C11911%7C11912%7C1192%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a2%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11r1%7C11s1%7C11t1%7C11u1%7C11v1%7C11w1%7C11x1%7C11y1%7C11z1%7C11z21%7C11z22%7C11z23%7C11z24%7C11z25%7C11z26%7C11z27%7C11z28%7C11z29%7C11z2a%7C11z2b%7C11z2c%7C11z2d%7C11z2e%7C11z2f%7C11z2g%7C11z2h%7C11z2i%7C11z3%7C11z4%7C1201%7C1202%7C1203%7C1204%7C1211%7C1212%7C1213%7C1214%7C1221%7C1222%7C1223%7C1224%7C1231%7C1232%7C1233%7C1234,idMap:1o1.9e0a00f4-a1e9-4383-2735-964ffd17cedf.760_930248%7C1o1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:3779,sis:6657%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame B5E4 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1654713&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1654713
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:30 GMT
AN-X-Request-Uuid
925b5e3e-a048-4164-b244-718e69120534
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adcfg
ap.lijit.com/ Frame 2752 		191 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=1051986&tid=19a4b5a9df1749c6b7e22cc3619fa9e381af2b4c&mode=1&dmn=forward.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ae2930e8cd5304367f9174bc50e2448467b59a870c1951a5a28215fa17a6a7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
170
usync.html
eus.rubiconproject.com/ Frame 8D23 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://forward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 10:07:30 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 0075 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
ToyotaType-Book.woff2
cdn.flashtalking.com/129256/3290827/webfont/ Frame EC34 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/webfont/ToyotaType-Book.woff2
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5b4a4bb9b2433c24ad694397349c843ff72aae282b99a5c87a59cd3d9e96ee65

Request headers

Referer
https://cdn.flashtalking.com/129256/3290827/index.html
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
x-amz-request-id
1ZPMFXMP6ASD9KZT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds011.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=78721
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35812
x-amz-id-2
+HNy03F+J3eFaZ4UnVtegQBchzxXox+D5zUNDhRZz2JqnPcWBNW8x9pLpS6V5WleECBc1u0o0IY=
PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame EC34 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
893cc261113d560246c0e2e2154a832e73e6aa229ffbcecdb9ed423db9465be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
S7ZGVAMJ2RF0S6CA
Connection
Keep-Alive
Content-Length
105647
x-amz-id-2
cTaGHkhfxVr7RfN1EFhIXRkd9Rl6NRD1T1cNckEwjtTHvexBxSjgn5BvhiRoaOatsxX8MsafOsU=
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds153.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Accept-Ranges
bytes
PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame EC34 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
34a50a01804d1fec638ae21cbf395c1d8bb8303359459c4831eba29aad93c27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAWF53A67H0CMNB
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop162.fr8.shc,1671876450.dop162.fr8.t,1671876450.cds285.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68391
x-amz-id-2
PrpZJ4Y4j9/8Lfzoi9P9Zyn2NtrHjUCot3MWVDCKDRmPksidQc3tLlU4um2FaaE8+1J1+nsQj/o=
PT2200023_AygoX_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame EC34 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Superbanner_728x90_V2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3017ae358550cfa63aa1da2a66981d7492744cc695db5700e5cb2536c9f52bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAX8TQ1YQQ9FD1F
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds165.fr8.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
96597
x-amz-id-2
P4lw+/ZBjwWcq/0NRlFVeu+LaJNwhwtKdSwUbYa4kW5xP8cZSDQxs8PgAlbYrsud3n/JTHf2e9w=
deactivate.png
cdn.flashtalking.com/129256/instantAssets/ Frame EC34 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/deactivate.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
09b768f65e6055a413ecabf6e793257aec9656e2d1104a6946f94e81eeb43212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
A7AK3DCKFN7R1XP8
Connection
Keep-Alive
Content-Length
611
x-amz-id-2
w4/sCdGZgzMJ49tid27vaQsH2KYMLGIv9vsfo2wuB+S6VV9bvqZpdIscsxWlit6NFsKoZU+ZJYo=
Last-Modified
Tue, 06 Sep 2022 09:12:49 GMT
ETag
"1662455569"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds147.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=558
Accept-Ranges
bytes
Trigger_Redline_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame EC34 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Trigger_Redline_728x90.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e4c80c7e1fea7c6772d526a8bd5845218e020c523d75d79b7937468f51c5af75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 14:35:58 GMT
x-amz-request-id
98S21XFKDTYPDS3P
ETag
"1657722958"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds220.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
579
x-amz-id-2
GhWhXyik4Nygy3OdejHOHyk43POl+zOKmahfhWV+Utfm3/GqHkRN3XMbcu5DrkYWFAHqGPK0IAk=
Toyota_1456x180_Logo_White.png
cdn.flashtalking.com/129256/instantAssets/ Frame EC34 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_1456x180_Logo_White.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
67ea6433230f60c2eee0a4cadcb121c30844d2c0c042fb95d4c4751a5a0adedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Tue, 22 Nov 2022 09:43:07 GMT
x-amz-request-id
NYAA502F85FK6625
ETag
"1669110187"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds269.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2198
x-amz-id-2
QW5e8vcfan6o1xH1CQY0mbagJnNOEvXyoTnRNAj6kYma7kLrrxKJfykrggm7xnIKpqLmWdqM+1I=
Toyota_infoicon_white.png
cdn.flashtalking.com/129256/instantAssets/ Frame EC34 		243 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_infoicon_white.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
203340e805a9ee22c5a35eda18234ee389287a000f727144b444208c4fb0e27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
CM7CRMNDK2S3TN6K
Connection
Keep-Alive
Content-Length
200
x-amz-id-2
1CjWBlL0mdelBYv8kysdRFJ0edjTYBDFS061CXOABR4pp4A0bksogdwoLT+UHfETHuUX3w0IFzI=
Last-Modified
Thu, 06 Oct 2022 10:19:00 GMT
ETag
"1665051540"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds235.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=224
Accept-Ranges
bytes
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame FB2B 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame 64B6 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
893cc261113d560246c0e2e2154a832e73e6aa229ffbcecdb9ed423db9465be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
S7ZGVAMJ2RF0S6CA
Connection
Keep-Alive
Content-Length
105647
x-amz-id-2
cTaGHkhfxVr7RfN1EFhIXRkd9Rl6NRD1T1cNckEwjtTHvexBxSjgn5BvhiRoaOatsxX8MsafOsU=
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds153.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Accept-Ranges
bytes
PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame 64B6 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
34a50a01804d1fec638ae21cbf395c1d8bb8303359459c4831eba29aad93c27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAWF53A67H0CMNB
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop162.fr8.shc,1671876450.dop162.fr8.t,1671876450.cds285.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68391
x-amz-id-2
PrpZJ4Y4j9/8Lfzoi9P9Zyn2NtrHjUCot3MWVDCKDRmPksidQc3tLlU4um2FaaE8+1J1+nsQj/o=
PT2200023_AygoX_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame 64B6 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3017ae358550cfa63aa1da2a66981d7492744cc695db5700e5cb2536c9f52bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAX8TQ1YQQ9FD1F
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds165.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
96597
x-amz-id-2
P4lw+/ZBjwWcq/0NRlFVeu+LaJNwhwtKdSwUbYa4kW5xP8cZSDQxs8PgAlbYrsud3n/JTHf2e9w=
deactivate.png
cdn.flashtalking.com/129256/instantAssets/ Frame 64B6 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/deactivate.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
09b768f65e6055a413ecabf6e793257aec9656e2d1104a6946f94e81eeb43212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
A7AK3DCKFN7R1XP8
Connection
Keep-Alive
Content-Length
611
x-amz-id-2
w4/sCdGZgzMJ49tid27vaQsH2KYMLGIv9vsfo2wuB+S6VV9bvqZpdIscsxWlit6NFsKoZU+ZJYo=
Last-Modified
Tue, 06 Sep 2022 09:12:49 GMT
ETag
"1662455569"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds147.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=558
Accept-Ranges
bytes
Trigger_Redline_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame 64B6 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Trigger_Redline_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e4c80c7e1fea7c6772d526a8bd5845218e020c523d75d79b7937468f51c5af75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 14:35:58 GMT
x-amz-request-id
98S21XFKDTYPDS3P
ETag
"1657722958"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop162.fr8.shc,1671876450.dop162.fr8.t,1671876450.cds220.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
579
x-amz-id-2
GhWhXyik4Nygy3OdejHOHyk43POl+zOKmahfhWV+Utfm3/GqHkRN3XMbcu5DrkYWFAHqGPK0IAk=
Toyota_1456x180_Logo_White.png
cdn.flashtalking.com/129256/instantAssets/ Frame 64B6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_1456x180_Logo_White.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
67ea6433230f60c2eee0a4cadcb121c30844d2c0c042fb95d4c4751a5a0adedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Tue, 22 Nov 2022 09:43:07 GMT
x-amz-request-id
NYAA502F85FK6625
ETag
"1669110187"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds269.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2198
x-amz-id-2
QW5e8vcfan6o1xH1CQY0mbagJnNOEvXyoTnRNAj6kYma7kLrrxKJfykrggm7xnIKpqLmWdqM+1I=
Toyota_infoicon_white.png
cdn.flashtalking.com/129256/instantAssets/ Frame 64B6 		243 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_infoicon_white.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
203340e805a9ee22c5a35eda18234ee389287a000f727144b444208c4fb0e27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
CM7CRMNDK2S3TN6K
Connection
Keep-Alive
Content-Length
200
x-amz-id-2
1CjWBlL0mdelBYv8kysdRFJ0edjTYBDFS061CXOABR4pp4A0bksogdwoLT+UHfETHuUX3w0IFzI=
Last-Modified
Thu, 06 Oct 2022 10:19:00 GMT
ETag
"1665051540"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds235.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=224
Accept-Ranges
bytes
ToyotaType-Book.woff2
cdn.flashtalking.com/129256/3290827/webfont/ Frame 64B6 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/webfont/ToyotaType-Book.woff2
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5b4a4bb9b2433c24ad694397349c843ff72aae282b99a5c87a59cd3d9e96ee65

Request headers

Referer
https://cdn.flashtalking.com/129256/3290827/index.html
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
x-amz-request-id
1ZPMFXMP6ASD9KZT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds011.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=78721
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35812
x-amz-id-2
+HNy03F+J3eFaZ4UnVtegQBchzxXox+D5zUNDhRZz2JqnPcWBNW8x9pLpS6V5WleECBc1u0o0IY=
PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame C39E 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
893cc261113d560246c0e2e2154a832e73e6aa229ffbcecdb9ed423db9465be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
S7ZGVAMJ2RF0S6CA
Connection
Keep-Alive
Content-Length
105647
x-amz-id-2
cTaGHkhfxVr7RfN1EFhIXRkd9Rl6NRD1T1cNckEwjtTHvexBxSjgn5BvhiRoaOatsxX8MsafOsU=
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds153.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Accept-Ranges
bytes
PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame C39E 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
34a50a01804d1fec638ae21cbf395c1d8bb8303359459c4831eba29aad93c27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAWF53A67H0CMNB
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds285.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68391
x-amz-id-2
PrpZJ4Y4j9/8Lfzoi9P9Zyn2NtrHjUCot3MWVDCKDRmPksidQc3tLlU4um2FaaE8+1J1+nsQj/o=
PT2200023_AygoX_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame C39E 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3017ae358550cfa63aa1da2a66981d7492744cc695db5700e5cb2536c9f52bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAX8TQ1YQQ9FD1F
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds165.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
96597
x-amz-id-2
P4lw+/ZBjwWcq/0NRlFVeu+LaJNwhwtKdSwUbYa4kW5xP8cZSDQxs8PgAlbYrsud3n/JTHf2e9w=
deactivate.png
cdn.flashtalking.com/129256/instantAssets/ Frame C39E 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/deactivate.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
09b768f65e6055a413ecabf6e793257aec9656e2d1104a6946f94e81eeb43212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
A7AK3DCKFN7R1XP8
Connection
Keep-Alive
Content-Length
611
x-amz-id-2
w4/sCdGZgzMJ49tid27vaQsH2KYMLGIv9vsfo2wuB+S6VV9bvqZpdIscsxWlit6NFsKoZU+ZJYo=
Last-Modified
Tue, 06 Sep 2022 09:12:49 GMT
ETag
"1662455569"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds147.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=558
Accept-Ranges
bytes
Trigger_Redline_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame C39E 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Trigger_Redline_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e4c80c7e1fea7c6772d526a8bd5845218e020c523d75d79b7937468f51c5af75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 14:35:58 GMT
x-amz-request-id
98S21XFKDTYPDS3P
ETag
"1657722958"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds220.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
579
x-amz-id-2
GhWhXyik4Nygy3OdejHOHyk43POl+zOKmahfhWV+Utfm3/GqHkRN3XMbcu5DrkYWFAHqGPK0IAk=
Toyota_1456x180_Logo_White.png
cdn.flashtalking.com/129256/instantAssets/ Frame C39E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_1456x180_Logo_White.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
67ea6433230f60c2eee0a4cadcb121c30844d2c0c042fb95d4c4751a5a0adedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Tue, 22 Nov 2022 09:43:07 GMT
x-amz-request-id
NYAA502F85FK6625
ETag
"1669110187"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds269.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2198
x-amz-id-2
QW5e8vcfan6o1xH1CQY0mbagJnNOEvXyoTnRNAj6kYma7kLrrxKJfykrggm7xnIKpqLmWdqM+1I=
Toyota_infoicon_white.png
cdn.flashtalking.com/129256/instantAssets/ Frame C39E 		243 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_infoicon_white.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
203340e805a9ee22c5a35eda18234ee389287a000f727144b444208c4fb0e27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
CM7CRMNDK2S3TN6K
Connection
Keep-Alive
Content-Length
200
x-amz-id-2
1CjWBlL0mdelBYv8kysdRFJ0edjTYBDFS061CXOABR4pp4A0bksogdwoLT+UHfETHuUX3w0IFzI=
Last-Modified
Thu, 06 Oct 2022 10:19:00 GMT
ETag
"1665051540"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds235.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=224
Accept-Ranges
bytes
ToyotaType-Book.woff2
cdn.flashtalking.com/129256/3290827/webfont/ Frame C39E 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/webfont/ToyotaType-Book.woff2
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hxphinku&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5b4a4bb9b2433c24ad694397349c843ff72aae282b99a5c87a59cd3d9e96ee65

Request headers

Referer
https://cdn.flashtalking.com/129256/3290827/index.html
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
x-amz-request-id
1ZPMFXMP6ASD9KZT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds011.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=78721
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35812
x-amz-id-2
+HNy03F+J3eFaZ4UnVtegQBchzxXox+D5zUNDhRZz2JqnPcWBNW8x9pLpS6V5WleECBc1u0o0IY=
PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame 1A6B 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
893cc261113d560246c0e2e2154a832e73e6aa229ffbcecdb9ed423db9465be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
S7ZGVAMJ2RF0S6CA
Connection
Keep-Alive
Content-Length
105647
x-amz-id-2
cTaGHkhfxVr7RfN1EFhIXRkd9Rl6NRD1T1cNckEwjtTHvexBxSjgn5BvhiRoaOatsxX8MsafOsU=
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds153.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Accept-Ranges
bytes
PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame 1A6B 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
34a50a01804d1fec638ae21cbf395c1d8bb8303359459c4831eba29aad93c27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAWF53A67H0CMNB
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds285.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68391
x-amz-id-2
PrpZJ4Y4j9/8Lfzoi9P9Zyn2NtrHjUCot3MWVDCKDRmPksidQc3tLlU4um2FaaE8+1J1+nsQj/o=
PT2200023_AygoX_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame 1A6B 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3017ae358550cfa63aa1da2a66981d7492744cc695db5700e5cb2536c9f52bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAX8TQ1YQQ9FD1F
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop162.fr8.shc,1671876450.dop162.fr8.t,1671876450.cds165.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
96597
x-amz-id-2
P4lw+/ZBjwWcq/0NRlFVeu+LaJNwhwtKdSwUbYa4kW5xP8cZSDQxs8PgAlbYrsud3n/JTHf2e9w=
deactivate.png
cdn.flashtalking.com/129256/instantAssets/ Frame 1A6B 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/deactivate.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
09b768f65e6055a413ecabf6e793257aec9656e2d1104a6946f94e81eeb43212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
A7AK3DCKFN7R1XP8
Connection
Keep-Alive
Content-Length
611
x-amz-id-2
w4/sCdGZgzMJ49tid27vaQsH2KYMLGIv9vsfo2wuB+S6VV9bvqZpdIscsxWlit6NFsKoZU+ZJYo=
Last-Modified
Tue, 06 Sep 2022 09:12:49 GMT
ETag
"1662455569"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop162.fr8.shc,1671876450.dop162.fr8.t,1671876450.cds147.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=558
Accept-Ranges
bytes
Trigger_Redline_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame 1A6B 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Trigger_Redline_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e4c80c7e1fea7c6772d526a8bd5845218e020c523d75d79b7937468f51c5af75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 14:35:58 GMT
x-amz-request-id
98S21XFKDTYPDS3P
ETag
"1657722958"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds220.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
579
x-amz-id-2
GhWhXyik4Nygy3OdejHOHyk43POl+zOKmahfhWV+Utfm3/GqHkRN3XMbcu5DrkYWFAHqGPK0IAk=
Toyota_1456x180_Logo_White.png
cdn.flashtalking.com/129256/instantAssets/ Frame 1A6B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_1456x180_Logo_White.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
67ea6433230f60c2eee0a4cadcb121c30844d2c0c042fb95d4c4751a5a0adedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Tue, 22 Nov 2022 09:43:07 GMT
x-amz-request-id
NYAA502F85FK6625
ETag
"1669110187"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds269.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2198
x-amz-id-2
QW5e8vcfan6o1xH1CQY0mbagJnNOEvXyoTnRNAj6kYma7kLrrxKJfykrggm7xnIKpqLmWdqM+1I=
Toyota_infoicon_white.png
cdn.flashtalking.com/129256/instantAssets/ Frame 1A6B 		243 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_infoicon_white.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
203340e805a9ee22c5a35eda18234ee389287a000f727144b444208c4fb0e27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
CM7CRMNDK2S3TN6K
Connection
Keep-Alive
Content-Length
200
x-amz-id-2
1CjWBlL0mdelBYv8kysdRFJ0edjTYBDFS061CXOABR4pp4A0bksogdwoLT+UHfETHuUX3w0IFzI=
Last-Modified
Thu, 06 Oct 2022 10:19:00 GMT
ETag
"1665051540"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds235.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=224
Accept-Ranges
bytes
ToyotaType-Book.woff2
cdn.flashtalking.com/129256/3290827/webfont/ Frame 1A6B 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/webfont/ToyotaType-Book.woff2
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5b4a4bb9b2433c24ad694397349c843ff72aae282b99a5c87a59cd3d9e96ee65

Request headers

Referer
https://cdn.flashtalking.com/129256/3290827/index.html
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
x-amz-request-id
1ZPMFXMP6ASD9KZT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds011.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=78721
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35812
x-amz-id-2
+HNy03F+J3eFaZ4UnVtegQBchzxXox+D5zUNDhRZz2JqnPcWBNW8x9pLpS6V5WleECBc1u0o0IY=
PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame ED46 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
893cc261113d560246c0e2e2154a832e73e6aa229ffbcecdb9ed423db9465be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
S7ZGVAMJ2RF0S6CA
Connection
Keep-Alive
Content-Length
105647
x-amz-id-2
cTaGHkhfxVr7RfN1EFhIXRkd9Rl6NRD1T1cNckEwjtTHvexBxSjgn5BvhiRoaOatsxX8MsafOsU=
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds153.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Accept-Ranges
bytes
PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame ED46 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
34a50a01804d1fec638ae21cbf395c1d8bb8303359459c4831eba29aad93c27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAWF53A67H0CMNB
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds285.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68391
x-amz-id-2
PrpZJ4Y4j9/8Lfzoi9P9Zyn2NtrHjUCot3MWVDCKDRmPksidQc3tLlU4um2FaaE8+1J1+nsQj/o=
PT2200023_AygoX_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame ED46 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3017ae358550cfa63aa1da2a66981d7492744cc695db5700e5cb2536c9f52bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAX8TQ1YQQ9FD1F
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds165.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
96597
x-amz-id-2
P4lw+/ZBjwWcq/0NRlFVeu+LaJNwhwtKdSwUbYa4kW5xP8cZSDQxs8PgAlbYrsud3n/JTHf2e9w=
deactivate.png
cdn.flashtalking.com/129256/instantAssets/ Frame ED46 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/deactivate.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
09b768f65e6055a413ecabf6e793257aec9656e2d1104a6946f94e81eeb43212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
A7AK3DCKFN7R1XP8
Connection
Keep-Alive
Content-Length
611
x-amz-id-2
w4/sCdGZgzMJ49tid27vaQsH2KYMLGIv9vsfo2wuB+S6VV9bvqZpdIscsxWlit6NFsKoZU+ZJYo=
Last-Modified
Tue, 06 Sep 2022 09:12:49 GMT
ETag
"1662455569"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds147.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=558
Accept-Ranges
bytes
Trigger_Redline_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame ED46 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Trigger_Redline_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e4c80c7e1fea7c6772d526a8bd5845218e020c523d75d79b7937468f51c5af75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 14:35:58 GMT
x-amz-request-id
98S21XFKDTYPDS3P
ETag
"1657722958"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds220.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
579
x-amz-id-2
GhWhXyik4Nygy3OdejHOHyk43POl+zOKmahfhWV+Utfm3/GqHkRN3XMbcu5DrkYWFAHqGPK0IAk=
Toyota_1456x180_Logo_White.png
cdn.flashtalking.com/129256/instantAssets/ Frame ED46 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_1456x180_Logo_White.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
67ea6433230f60c2eee0a4cadcb121c30844d2c0c042fb95d4c4751a5a0adedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Tue, 22 Nov 2022 09:43:07 GMT
x-amz-request-id
NYAA502F85FK6625
ETag
"1669110187"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds269.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2198
x-amz-id-2
QW5e8vcfan6o1xH1CQY0mbagJnNOEvXyoTnRNAj6kYma7kLrrxKJfykrggm7xnIKpqLmWdqM+1I=
Toyota_infoicon_white.png
cdn.flashtalking.com/129256/instantAssets/ Frame ED46 		243 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_infoicon_white.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
203340e805a9ee22c5a35eda18234ee389287a000f727144b444208c4fb0e27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
CM7CRMNDK2S3TN6K
Connection
Keep-Alive
Content-Length
200
x-amz-id-2
1CjWBlL0mdelBYv8kysdRFJ0edjTYBDFS061CXOABR4pp4A0bksogdwoLT+UHfETHuUX3w0IFzI=
Last-Modified
Thu, 06 Oct 2022 10:19:00 GMT
ETag
"1665051540"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop162.fr8.shc,1671876450.dop162.fr8.t,1671876450.cds235.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=224
Accept-Ranges
bytes
ToyotaType-Book.woff2
cdn.flashtalking.com/129256/3290827/webfont/ Frame ED46 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/webfont/ToyotaType-Book.woff2
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5b4a4bb9b2433c24ad694397349c843ff72aae282b99a5c87a59cd3d9e96ee65

Request headers

Referer
https://cdn.flashtalking.com/129256/3290827/index.html
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
x-amz-request-id
1ZPMFXMP6ASD9KZT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds011.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=78721
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35812
x-amz-id-2
+HNy03F+J3eFaZ4UnVtegQBchzxXox+D5zUNDhRZz2JqnPcWBNW8x9pLpS6V5WleECBc1u0o0IY=
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 426A 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 70FB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:30:52 GMT
expires
Thu, 21 Dec 2023 01:30:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 90BF 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=49e132d2-5ad6-58a6-64ce-f1e52a531ee1&tv=%7Bc:xHUzTW,pingTime:1,time:7566,type:p,im:%7Bimprf:%7Bttecl:9370,ecd:960,tsecr:1990%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4492%7D,%7Bpiv:100,vs:i,r:,t:6068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1498,o:6068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4491,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1633~0%5D,as:%5B1633~728.90%5D%7D%7D,%7Bsl:i,t:6068,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1498~100%5D,as:%5B1498~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1383,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11q21%7C11q22%7C11q23%7C11q24%7C11q25%7C11q26%7C11q27%7C11q28%7C11q29%7C11q2a%7C11q2b%7C11q2c%7C11q2d%7C11q2e%7C11q2f%7C11q2g%7C11q2h%7C11q2i%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4%7C11t1%7C11t2%7C11t3%7C11t4%7C11u1%7C11u2%7C11u3%7C11u4,idMap:1j1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4493,sis:7443%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 90BF 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=49e132d2-5ad6-58a6-64ce-f1e52a531ee1&tv=%7Bc:xHUzTW,pingTime:1,time:7566,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4492%7D,%7Bpiv:100,vs:i,r:,t:6068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1498,o:6068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4491,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1633~0%5D,as:%5B1633~728.90%5D%7D%7D,%7Bsl:i,t:6068,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1498~100%5D,as:%5B1498~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1383,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1*.992712-61653181%7C1j11%7C1j12%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b2%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c5%7C11d11%7C11d12%7C11d2%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11p1%7C11q1%7C11q21%7C11q22%7C11q23%7C11q24%7C11q25%7C11q26%7C11q27%7C11q28%7C11q29%7C11q2a%7C11q2b%7C11q2c%7C11q2d%7C11q2e%7C11q2f%7C11q2g%7C11q2h%7C11q2i%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4%7C11t1%7C11t2%7C11t3%7C11t4%7C11u1%7C11u2%7C11u3%7C11u4,idMap:1j1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4493,sis:7443%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=efljs&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame 9CD8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64186
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
usync.js
eus.rubiconproject.com/ Frame 566A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64186
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame 9A07 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
893cc261113d560246c0e2e2154a832e73e6aa229ffbcecdb9ed423db9465be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
S7ZGVAMJ2RF0S6CA
Connection
Keep-Alive
Content-Length
105647
x-amz-id-2
cTaGHkhfxVr7RfN1EFhIXRkd9Rl6NRD1T1cNckEwjtTHvexBxSjgn5BvhiRoaOatsxX8MsafOsU=
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds153.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Accept-Ranges
bytes
PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame 9A07 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
34a50a01804d1fec638ae21cbf395c1d8bb8303359459c4831eba29aad93c27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAWF53A67H0CMNB
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds285.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68391
x-amz-id-2
PrpZJ4Y4j9/8Lfzoi9P9Zyn2NtrHjUCot3MWVDCKDRmPksidQc3tLlU4um2FaaE8+1J1+nsQj/o=
PT2200023_AygoX_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame 9A07 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3017ae358550cfa63aa1da2a66981d7492744cc695db5700e5cb2536c9f52bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAX8TQ1YQQ9FD1F
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds165.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
96597
x-amz-id-2
P4lw+/ZBjwWcq/0NRlFVeu+LaJNwhwtKdSwUbYa4kW5xP8cZSDQxs8PgAlbYrsud3n/JTHf2e9w=
deactivate.png
cdn.flashtalking.com/129256/instantAssets/ Frame 9A07 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/deactivate.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
09b768f65e6055a413ecabf6e793257aec9656e2d1104a6946f94e81eeb43212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
A7AK3DCKFN7R1XP8
Connection
Keep-Alive
Content-Length
611
x-amz-id-2
w4/sCdGZgzMJ49tid27vaQsH2KYMLGIv9vsfo2wuB+S6VV9bvqZpdIscsxWlit6NFsKoZU+ZJYo=
Last-Modified
Tue, 06 Sep 2022 09:12:49 GMT
ETag
"1662455569"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds147.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=558
Accept-Ranges
bytes
Trigger_Redline_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame 9A07 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Trigger_Redline_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e4c80c7e1fea7c6772d526a8bd5845218e020c523d75d79b7937468f51c5af75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 14:35:58 GMT
x-amz-request-id
98S21XFKDTYPDS3P
ETag
"1657722958"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds220.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
579
x-amz-id-2
GhWhXyik4Nygy3OdejHOHyk43POl+zOKmahfhWV+Utfm3/GqHkRN3XMbcu5DrkYWFAHqGPK0IAk=
Toyota_1456x180_Logo_White.png
cdn.flashtalking.com/129256/instantAssets/ Frame 9A07 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_1456x180_Logo_White.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
67ea6433230f60c2eee0a4cadcb121c30844d2c0c042fb95d4c4751a5a0adedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Tue, 22 Nov 2022 09:43:07 GMT
x-amz-request-id
NYAA502F85FK6625
ETag
"1669110187"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds269.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2198
x-amz-id-2
QW5e8vcfan6o1xH1CQY0mbagJnNOEvXyoTnRNAj6kYma7kLrrxKJfykrggm7xnIKpqLmWdqM+1I=
Toyota_infoicon_white.png
cdn.flashtalking.com/129256/instantAssets/ Frame 9A07 		243 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_infoicon_white.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
203340e805a9ee22c5a35eda18234ee389287a000f727144b444208c4fb0e27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
CM7CRMNDK2S3TN6K
Connection
Keep-Alive
Content-Length
200
x-amz-id-2
1CjWBlL0mdelBYv8kysdRFJ0edjTYBDFS061CXOABR4pp4A0bksogdwoLT+UHfETHuUX3w0IFzI=
Last-Modified
Thu, 06 Oct 2022 10:19:00 GMT
ETag
"1665051540"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds235.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=224
Accept-Ranges
bytes
ToyotaType-Book.woff2
cdn.flashtalking.com/129256/3290827/webfont/ Frame 9A07 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/webfont/ToyotaType-Book.woff2
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5b4a4bb9b2433c24ad694397349c843ff72aae282b99a5c87a59cd3d9e96ee65

Request headers

Referer
https://cdn.flashtalking.com/129256/3290827/index.html
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
x-amz-request-id
1ZPMFXMP6ASD9KZT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds011.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=78721
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35812
x-amz-id-2
+HNy03F+J3eFaZ4UnVtegQBchzxXox+D5zUNDhRZz2JqnPcWBNW8x9pLpS6V5WleECBc1u0o0IY=
PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame E2E0 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
893cc261113d560246c0e2e2154a832e73e6aa229ffbcecdb9ed423db9465be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
S7ZGVAMJ2RF0S6CA
Connection
Keep-Alive
Content-Length
105647
x-amz-id-2
cTaGHkhfxVr7RfN1EFhIXRkd9Rl6NRD1T1cNckEwjtTHvexBxSjgn5BvhiRoaOatsxX8MsafOsU=
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds153.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Accept-Ranges
bytes
PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame E2E0 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Infrastructure_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
34a50a01804d1fec638ae21cbf395c1d8bb8303359459c4831eba29aad93c27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAWF53A67H0CMNB
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds285.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68391
x-amz-id-2
PrpZJ4Y4j9/8Lfzoi9P9Zyn2NtrHjUCot3MWVDCKDRmPksidQc3tLlU4um2FaaE8+1J1+nsQj/o=
PT2200023_AygoX_Superbanner_728x90_V2.png
cdn.flashtalking.com/129256/instantAssets/ Frame E2E0 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/PT2200023_AygoX_Superbanner_728x90_V2.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3017ae358550cfa63aa1da2a66981d7492744cc695db5700e5cb2536c9f52bd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 12:55:35 GMT
x-amz-request-id
FPAX8TQ1YQQ9FD1F
ETag
"1657716935"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop231.fr8.shc,1671876450.dop231.fr8.t,1671876450.cds165.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
96597
x-amz-id-2
P4lw+/ZBjwWcq/0NRlFVeu+LaJNwhwtKdSwUbYa4kW5xP8cZSDQxs8PgAlbYrsud3n/JTHf2e9w=
deactivate.png
cdn.flashtalking.com/129256/instantAssets/ Frame E2E0 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/deactivate.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
09b768f65e6055a413ecabf6e793257aec9656e2d1104a6946f94e81eeb43212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
A7AK3DCKFN7R1XP8
Connection
Keep-Alive
Content-Length
611
x-amz-id-2
w4/sCdGZgzMJ49tid27vaQsH2KYMLGIv9vsfo2wuB+S6VV9bvqZpdIscsxWlit6NFsKoZU+ZJYo=
Last-Modified
Tue, 06 Sep 2022 09:12:49 GMT
ETag
"1662455569"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop012.fr8.shc,1671876450.dop012.fr8.t,1671876450.cds147.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=558
Accept-Ranges
bytes
Trigger_Redline_728x90.png
cdn.flashtalking.com/129256/instantAssets/ Frame E2E0 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Trigger_Redline_728x90.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e4c80c7e1fea7c6772d526a8bd5845218e020c523d75d79b7937468f51c5af75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Wed, 13 Jul 2022 14:35:58 GMT
x-amz-request-id
98S21XFKDTYPDS3P
ETag
"1657722958"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds220.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
579
x-amz-id-2
GhWhXyik4Nygy3OdejHOHyk43POl+zOKmahfhWV+Utfm3/GqHkRN3XMbcu5DrkYWFAHqGPK0IAk=
Toyota_1456x180_Logo_White.png
cdn.flashtalking.com/129256/instantAssets/ Frame E2E0 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_1456x180_Logo_White.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
67ea6433230f60c2eee0a4cadcb121c30844d2c0c042fb95d4c4751a5a0adedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Tue, 22 Nov 2022 09:43:07 GMT
x-amz-request-id
NYAA502F85FK6625
ETag
"1669110187"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop222.fr8.shc,1671876450.dop222.fr8.t,1671876450.cds269.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=786
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2198
x-amz-id-2
QW5e8vcfan6o1xH1CQY0mbagJnNOEvXyoTnRNAj6kYma7kLrrxKJfykrggm7xnIKpqLmWdqM+1I=
Toyota_infoicon_white.png
cdn.flashtalking.com/129256/instantAssets/ Frame E2E0 		243 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/129256/instantAssets/Toyota_infoicon_white.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/129256/3290827/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
203340e805a9ee22c5a35eda18234ee389287a000f727144b444208c4fb0e27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/129256/3290827/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Content-Encoding
gzip
x-amz-request-id
CM7CRMNDK2S3TN6K
Connection
Keep-Alive
Content-Length
200
x-amz-id-2
1CjWBlL0mdelBYv8kysdRFJ0edjTYBDFS061CXOABR4pp4A0bksogdwoLT+UHfETHuUX3w0IFzI=
Last-Modified
Thu, 06 Oct 2022 10:19:00 GMT
ETag
"1665051540"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1671876449.dop241.fr8.shc,1671876450.dop241.fr8.t,1671876450.cds235.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=224
Accept-Ranges
bytes
ToyotaType-Book.woff2
cdn.flashtalking.com/129256/3290827/webfont/ Frame E2E0 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/129256/3290827/webfont/ToyotaType-Book.woff2
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5b4a4bb9b2433c24ad694397349c843ff72aae282b99a5c87a59cd3d9e96ee65

Request headers

Referer
https://cdn.flashtalking.com/129256/3290827/index.html
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:07:30 GMT
Last-Modified
Mon, 28 Dec 2020 13:38:23 GMT
x-amz-request-id
1ZPMFXMP6ASD9KZT
ETag
"1609162703"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-HW
1671876449.dop204.fr8.shc,1671876450.dop204.fr8.t,1671876450.cds011.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=78721
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
35812
x-amz-id-2
+HNy03F+J3eFaZ4UnVtegQBchzxXox+D5zUNDhRZz2JqnPcWBNW8x9pLpS6V5WleECBc1u0o0IY=
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame C7D0 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
usync.js
eus.rubiconproject.com/ Frame EB94 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
last-modified
Sat, 24 Dec 2022 03:57:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=64186
content-length
10066
expires
Sun, 25 Dec 2022 03:57:16 GMT
syncframe
gum.criteo.com/ Frame BDCF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=forward.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:29 GMT
server
Kestrel
server-processing-duration-in-ticks
365243
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 7BCB 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 3A2F 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
dt
dt.adsafeprotected.com/ Frame A931 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=878338a6-51f7-9396-3e8a-3135cb5fa0a7&tv=%7Bc:xHUzXq,pingTime:1,time:7683,type:p,im:%7Bimprf:%7Bttecl:9532,ecd:950,tsecr:1947%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4620%7D,%7Bpiv:100,vs:i,r:,t:6066%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1617,o:6066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4620,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1484~0%5D,as:%5B1484~728.90%5D%7D%7D,%7Bsl:i,t:6066,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1617~100%5D,as:%5B1617~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1328,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1*.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1h1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4621,sis:7517%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame A931 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=878338a6-51f7-9396-3e8a-3135cb5fa0a7&tv=%7Bc:xHUzXr,pingTime:1,time:7684,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4620%7D,%7Bpiv:100,vs:i,r:,t:6066%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1618,o:6066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4620,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1484~0%5D,as:%5B1484~728.90%5D%7D%7D,%7Bsl:i,t:6066,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1618~100%5D,as:%5B1618~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1328,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1*.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1h1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4621,sis:7517%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=icavjgt&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9d7b8e3d-18ac-083d-530b-71e179fb993e&tv=%7Bc:xHUzXu,pingTime:1,time:5163,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1996%7D,%7Bpiv:100,vs:i,r:,t:3511%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1652,o:3511,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1996,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1560~0%5D,as:%5B1560~728.90%5D%7D%7D,%7Bsl:i,t:3511,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1652~100%5D,as:%5B1652~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:1276,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.930248%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1n1.3f7b216e-2265-fe8c-d694-beffe1a4ac1c.1024_992712-61653181%7C1n1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1997,sis:3500%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9d7b8e3d-18ac-083d-530b-71e179fb993e&tv=%7Bc:xHUzXu,pingTime:1,time:5163,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1996%7D,%7Bpiv:100,vs:i,r:,t:3511%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1652,o:3511,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1996,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1560~0%5D,as:%5B1560~728.90%5D%7D%7D,%7Bsl:i,t:3511,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1652~100%5D,as:%5B1652~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:1276,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.930248%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1n1.3f7b216e-2265-fe8c-d694-beffe1a4ac1c.1024_992712-61653181%7C1n1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1997,sis:3500,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3A7C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9d7b8e3d-18ac-083d-530b-71e179fb993e&tv=%7Bc:xHUzXv,pingTime:1,time:5164,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1996%7D,%7Bpiv:100,vs:i,r:,t:3511%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1653,o:3511,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1996,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1560~0%5D,as:%5B1560~728.90%5D%7D%7D,%7Bsl:i,t:3511,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1653~100%5D,as:%5B1653~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:1276,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1*.930248%7C1n11%7C1n12%7C1n13%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1n1.3f7b216e-2265-fe8c-d694-beffe1a4ac1c.1024_992712-61653181%7C1n1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1997,sis:3500,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sqwwysn&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vevent
fra1-ib.adnxs.com/ Frame 2F0C 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKmCvBMJgUAAAMA1gAFAQjWnpudBhC70IvWsNemgCEYja-4qpOZ7ppWKjYJMUJ4tHHEij8RIJMq4A7zgz8ZAAAAgD0K7z8hIJMq4A7zgz8pMUIJJPCBMQAAAEDhepQ_MJeHhQw4mFBA6j9IAlCGrN9yWJ7Nf2AAaLHylwF4yoQGgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgNDgxOTI1OCwgMCk7dWYoJ2knLCA1NDQxNjc5LBEUMGcnLCAxMzk5Mzg0NiwRFShyJywgMjQwNjM3NA0W9BcBkgKlBCFwR2l1bHdqbjRwVVhFSWFzMzNJWUFDQ2V6WDh3QURnQVFBQkk2ajlRbDRlRkRGZ0FZTDBHYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFFNmlZZEM2OGFLUDhFQk9vbUhRdXZHaWpfSkFRQUFBQUFBQVBBXzJRRUFBQUFBQUFEd1AtQUJqNUhNQXZVQnpjek1QWmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VaU1FURTZOak01TmVBRGlEQ0FCTXUyd3dXSUJNeTJ3d1dRQkFHWUJBRzZCQm9JaFFRUkFBQQGaEEEwRDhaBQkJARxnZ3NhTERzRRGtFEEwRF9KQgkcBQEUMkFRQThREdlgQUFBSWdGLXpHcEJVZ3pGazFuSi00X3NRVQEaCQEYTUVGbXBtWgECEHVUX0pCATscSUJTdk1BXzAuKAAITmtGCTHIQUE4RF9nQlpzSzhBWDJqdFlHLUFXNmtxWUNnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQhXLDEFBQmsZGABDHRhETGdHQ2cuLpoClQEhRGhZbU5BNikCKG5zMV9JQUFvQURHGW1Mem9KUmxKQk1UbzJNemsxUUlnd1MB3QEBDFBBX1URDAxBQUFXHQwAWREMDE5BX2ERDAxBQUFjHQwQZUFDSkEREPDQUEFf2AIA4AKbhU7qAhRodHRwczovL2ZvcndhcmQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_DSkgHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMODAuMjU1LjcuMTA4qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOODE3MCNGUkExOjYzOTXaBAIIAeAEAfAEhqzfcogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAJDnDYBQHgBQHwBbTKKPoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AboKdoGFgoQCREZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8qEBtIHDQkRKAEmCNoHBgFdcBgA4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=a2b2c74708a0eb85d3df029ddf7b9878887fed88&type=pv&jm=1003&px=0&py=0&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:30 GMT
AN-X-Request-Uuid
4ea8041a-24ba-4952-8577-9cc0bf5878a1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 9393 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=861dc8b1-c04a-f2f7-814a-af5215a5f97b&tv=%7Bc:xHUzXG,pingTime:1,time:7695,type:p,im:%7Bimprf:%7Bttecl:9563,ecd:918,tsecr:1963%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4672%7D,%7Bpiv:100,vs:i,r:,t:6070%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1625,o:6070,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4672,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1437~0%5D,as:%5B1437~728.90%5D%7D%7D,%7Bsl:i,t:6070,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1625~100%5D,as:%5B1625~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1308,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1*.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1k1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4673,sis:7554%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 9393 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=861dc8b1-c04a-f2f7-814a-af5215a5f97b&tv=%7Bc:xHUzXH,pingTime:1,time:7696,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4672%7D,%7Bpiv:100,vs:i,r:,t:6070%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1626,o:6070,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4672,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1437~0%5D,as:%5B1437~728.90%5D%7D%7D,%7Bsl:i,t:6070,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1626~100%5D,as:%5B1626~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1308,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1*.992712-61653181%7C1k11%7C1k12%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1k1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4673,sis:7554%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ybwpafwce&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 5373 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
syncframe
gum.criteo.com/ Frame 7A71 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=forward.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:29 GMT
server
Kestrel
server-processing-duration-in-ticks
823804
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 18D7 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 99D1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af28b0620339b881ece4f0987834abcdc9f99819bcc3a5604ab8a65b5d352d3f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887c81c4e9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:30 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPRKVzZQ%2B1uuJWYwC8FDGLpnf5yWd1mz2LZGYQgXMkMO6lIgL%2FpnYBsX2dXSakU2M3PMapb2EkDs%2F2o6IIu9%2FWKdH09ghaePY9sAOeq7HwDgp8WS8Q6Qo4I3KWSsDg5nvcu76e6slhSzOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
vevent
fra1-ib.adnxs.com/ Frame B5EE 		0
951 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fforward.com%2F&e=wqT_3QKNC_BMjQUAAAMA1gAFAQjVnpudBhDAu6a6ptvu6k8Yja-4qpOZ7ppWKjYJbqMBvAUShD8Rjrw5fbkmfz8ZAAAAgD0K7z8hjrw5fbkmfz8pbqMJJPCBMQAAAEDhepQ_MJeHhQw4mFBAqTlIAlCgxcedAViezX9gAGix8pcBeL2IBoABAYoBA1VTRJIBA0VVUpgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDE2OTQzNjgsIDApO3VmKCdpJywgNTI0OTAyMBUULGcnLCAxNzgwMTcxORUVMHMnLCAyNzY2MTc1MDAVFjByJywgMzMwNDI0OTkyBRbwtpIC8QQhd1hndXBBaXo2WkFaRUtERng1MEJHQUFnbnMxX01BRTRBRUFBU0trNVVKZUhoUXhZQUdDOUJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0Izd0FGUlozcWdqX0JBWGRzZ0owV0U0UV95UUVBQUFBQUFBRHdQOWtCU0RNV1RXY243al9nQWZ5dndBTDFBWVhya1QtWUFnQ2dBZ0MxQWdBQUFBQzlBZwE58FVEQUFnRElBZ0RRQWdEWUFnRGdBdm5jbVNIb0FvZmFscDBHLUFJQWdBTUJtQU1Cb2dNT0NQdXR2aWNRQkJnQkxUbEtPRHFpQXc0SS1keVpJUkFKR0FJdAFagEFLSURFd2l4LU40bUVBb1lBUzExWUpZX01nTjFibXVpQRk0BExHETTATG9EQ1VaU1FURTZOall5T2VBRGlEQ0FCTGlqaXdpSUJPdl9xQWlRQkFHWUJBVEJCQQVqBQEIeVFRBQgFARhOZ0VBUEVFBQwFAVBDSUJlVXptQVdjc3ZPREFha0ZTRE0tLAgteEIdOwh3UVUFMgUBCE1rRgEIHFlOSmQ3el9SLigAADIVKPBDRHdQLUFGMUFmd0JmZkR2Z2o0QmFDMVo0SUdBMFZWVW9nR0FKQUdBWmdHQUtFR1BRclhvM0E5OGotb0JnU3lCaVFKQUEBZgUBAFIFBgkBAFoJBwUBAGgFBgUBQEM0QmdvLpoCmQEha0JVLUpnOnUCLEo3TmZ5QUFLQUF4UBVtBDg2MlkBQFVDSU1FbElNeFpOWnlmdVAxPSwERmsFZwUBAEcdGABHHRgASB0YDEhnQWkuiQLw9XcuLtgCAOACm4VO6gIUaHR0cHM6Ly9mb3J3YXJkLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APw0pIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDgwLjI1NS43LjEwOKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjczMzcjRlJBMTo2NjI52gQCCAHgBAHwBKDFx50BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhQH6BQQIABAAkAYAmAYAuAYAwQYAAAElKPA_0Aa0JdoGFgoQAQ8uAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAe9iAbSBw0JESoBJgzaBwYIBQlo4AcA6gcCCADwB5bFA4oIAhAAlQgAAIA_mAgB&s=bece0156ede62446068730dcc753cd737a157cc9&type=pv&jm=1003&bw=728&bh=90&sf=1&sid=1425382271713132305&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=25248663&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 10:07:30 GMT
AN-X-Request-Uuid
873c10e3-d610-4164-a7f9-1f58cb596eed
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1C5B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:30:52 GMT
expires
Thu, 21 Dec 2023 01:30:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 5655 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=forward.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 10:07:30 GMT
server
Kestrel
server-processing-duration-in-ticks
2441529
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E57D 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:07:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 10:07:30 GMT
dt
dt.adsafeprotected.com/ Frame 96B2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=8536ba99-d871-e3dd-3aa1-3d35833fd27b&tv=%7Bc:xHUzYz,pingTime:1,time:7716,type:p,im:%7Bimprf:%7Bttecl:9587,ecd:856,tsecr:1965%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4753%7D,%7Bpiv:-1,vs:n,r:,t:5547%7D,%7Bpiv:100,vs:i,t:6134%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:2169,o:5547,n:587,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4753,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B834~0%5D,as:%5B834~728.90%5D%7D%7D,%7Bsl:n,t:5547,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B587~1%5D,as:%5B587~728.90%5D%7D%7D,%7Bsl:i,t:6134,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1582~100%5D,as:%5B1582~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1*.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1m1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4754,sis:7574%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 96B2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=992712&asId=8536ba99-d871-e3dd-3aa1-3d35833fd27b&tv=%7Bc:xHUzYA,pingTime:1,time:7717,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:4753%7D,%7Bpiv:-1,vs:n,r:,t:5547%7D,%7Bpiv:100,vs:i,t:6134%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:2170,o:5547,n:587,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4753,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B834~0%5D,as:%5B834~728.90%5D%7D%7D,%7Bsl:n,t:5547,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B587~1%5D,as:%5B587~728.90%5D%7D%7D,%7Bsl:i,t:6134,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1583~100%5D,as:%5B1583~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1*.992712-61653181%7C1m11%7C1m12%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1.992712-61653181%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1m1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:4754,sis:7574%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ajdxfouger&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame 2E3D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fflashnetic.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7486bcc486b755497ac557e4884b9ff71c5d06088e1495eaf3ae917a160a91dc

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e887c84c9a9a1d-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 10:07:30 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIDOJIMnF3DI8b45oAcpzo%2BlP%2FR8MYVz0FhTAmE64SX5rT8fL5%2Bg3Cu3FXdaInf6kYCj8dCnaqHfw9MnQy%2Bt1ckJ758E6%2Fr%2FxlUHlrVNlWg9SRjxO51159aiOxm7Qc2x056Ljp02zD1QKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9e0a00f4-a1e9-4383-2735-964ffd17cedf&tv=%7Bc:xHUzYT,pingTime:1,time:5071,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:2141%7D,%7Bpiv:100,vs:i,r:,t:3470%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1601,o:3470,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1365~0%5D,as:%5B1365~728.90%5D%7D%7D,%7Bsl:i,t:3470,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1601~100%5D,as:%5B1601~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:1529,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.930248%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1o1.83f3ab22-d8e3-dcc6-a856-f4ed86a77a42.994_992712-61653181%7C1o1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:2142,sis:3444%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9e0a00f4-a1e9-4383-2735-964ffd17cedf&tv=%7Bc:xHUzYT,pingTime:1,time:5071,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:2141%7D,%7Bpiv:100,vs:i,r:,t:3470%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1601,o:3470,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1365~0%5D,as:%5B1365~728.90%5D%7D%7D,%7Bsl:i,t:3470,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1601~100%5D,as:%5B1601~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:1529,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.930248%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1o1.83f3ab22-d8e3-dcc6-a856-f4ed86a77a42.994_992712-61653181%7C1o1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:2142,sis:3444,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B5EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930248&asId=9e0a00f4-a1e9-4383-2735-964ffd17cedf&tv=%7Bc:xHUzYU,pingTime:1,time:5072,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:2141%7D,%7Bpiv:100,vs:i,r:,t:3470%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1602,o:3470,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1365~0%5D,as:%5B1365~728.90%5D%7D%7D,%7Bsl:i,t:3470,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1602~100%5D,as:%5B1602~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:1529,fm:tqVxaI2+11%7C121%7C131%7C141%7C151%7C161%7C171%7C181%7C191%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13%7C1f11%7C1f12%7C1f13%7C1g11%7C1g21%7C1g3%7C1g4%7C1g5%7C1h1.992712-61653181%7C1h11%7C1h12%7C1h13%7C1h2%7C1h3%7C1h41%7C1h5%7C1i11%7C1i12%7C1i13%7C1i2%7C1i31%7C1i4%7C1i5%7C1j1.992712-61653181%7C1j11%7C1j12%7C1j13%7C1j2%7C1j31%7C1j4%7C1j5%7C1k1.992712-61653181%7C1k11%7C1k12%7C1k13%7C1k21%7C1k3%7C1k4%7C1k5%7C1l1.992712-61653181%7C1l11%7C1l12%7C1l13%7C1l2%7C1l3%7C1l4%7C1l51%7C1m1.992712-61653181%7C1m11%7C1m12%7C1m13%7C1m2%7C1m31%7C1m4%7C1m5%7C1n1.992712-61653181%7C1n11%7C1n12%7C1n13%7C1n14%7C1n2%7C1n3%7C1n4%7C1n51%7C1o1*.930248%7C1o11%7C1o12%7C1o13%7C1o21%7C1o3%7C1o4%7C1o5%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1p2%7C1p3%7C1p41%7C1p5%7C1q11%7C1q12%7C1q2%7C1q3%7C1q4%7C1q51%7C1r11%7C1r12%7C1r13%7C1r2%7C1r3%7C1r41%7C1r5%7C1s11%7C1s12%7C1s13%7C1s2%7C1s3%7C1s4%7C1s51%7C1t%7C1u11%7C1u12%7C1u13%7C1v11%7C1v12%7C1v21%7C1v3%7C1v4%7C1v5%7C1w11%7C1w2%7C1w3%7C1w41%7C1w5%7C1x1%7C1x21%7C1x3%7C1x4%7C1x5%7C1y11%7C1y12%7C1y2%7C1y31%7C1y4%7C1y5%7C1z11%7C1z12%7C1z2%7C1z3%7C1z41%7C1z5%7C11011%7C11012%7C1102%7C11031%7C1104%7C1105%7C1111%7C1112%7C11131%7C1114%7C1115%7C11211%7C11212%7C1122%7C1123%7C1124%7C11251%7C11311%7C1132%7C1133%7C1134%7C11351%7C11411%7C11412%7C1142%7C1143%7C11441%7C1145%7C11511%7C11611%7C1171%7C11721%7C1173%7C1174%7C1175%7C11811%7C11812%7C11821%7C1183%7C1184%7C1185%7C11911%7C11912%7C11921%7C1193%7C1194%7C1195%7C11a11%7C11a12%7C11a21%7C11a3%7C11a4%7C11a5%7C11b1%7C11b21%7C11b3%7C11b4%7C11b5%7C11c1%7C11c2%7C11c3%7C11c4%7C11c51%7C11d11%7C11d12%7C11d21%7C11d3%7C11d4%7C11d5%7C11e11%7C11e12%7C11e21%7C11f11%7C11f12%7C11f2%7C11g11%7C11g2%7C11g3%7C11g4%7C11g5%7C11h11%7C11h12%7C11h2%7C11i11%7C11i12%7C11i2%7C11j1%7C11k1%7C11l1%7C11m1%7C11n1%7C11o1%7C11o21%7C11o22%7C11o23%7C11o24%7C11o25%7C11o26%7C11o27%7C11o28%7C11o29%7C11o2a%7C11o2b%7C11o2c%7C11o2d%7C11o2e%7C11o2f%7C11o2g%7C11o2h%7C11o2i%7C11o3%7C11o4%7C11p1%7C11p2%7C11p3%7C11p4%7C11q1%7C11q2%7C11q3%7C11q4%7C11r1%7C11r2%7C11r3%7C11r4%7C11s1%7C11s2%7C11s3%7C11s4,idMap:1o1.83f3ab22-d8e3-dcc6-a856-f4ed86a77a42.994_992712-61653181%7C1o1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:2142,sis:3444,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gsuhtufxa&e=1535582086632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:e69a:c43c:f0d:9cd8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=forward.com&p=%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&u=GYQjvC9dCBaBoszMj&d=forward.com&g=53213&g0=News&g1=Andrew%20Silverstein&n=1&f=00001&c=0.27&x=0&m=0&y=7739&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=4&r=&PA=https%3A%2F%2Fforward.com%2Fnews%2F529130%2Fgeorge-santos-jewish-lie-genealogy-records%2F&b=1283&t=C5fdHOBLMND2DThJgvDOhUQbJCDGV&V=139&tz=0&_acct=anon&sn=3&sv=Cjff33Dzb3_bD4hPW4ett-dBAuPhV&sd=1&im=067b0fff&_
Requested by
Host: forward.com
URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.154.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-154-34.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 10:07:30 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 object| 57 object| 58 object| 59 object| 60 object| 61 object| 62 object| 63 object| oncontentvisibilityautostatechange object| google_tag_manager object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga object| google_tag_data object| _sf_async_config function| $ function| jQuery object| safetag_fpd object| safetag_lists object| iterableAjax function| setNptTechAdblockerCookie object| script function| clarity function| fbq function| _fbq function| adGridInitiate object| adGrid object| gaplugins object| gaGlobal object| gaData object| BlockAdBlock object| blockAdBlock object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| onYouTubeIframeAPIReady object| _cbm function| subscribeToIterableNewsletters object| tp object| postData object| scriptData object| pbjs object| googletag object| PQ object| advImpVar object| winTopPos number| winTopIframeYOffset boolean| isInitialLoad boolean| detectPageScrolling string| adgridFqdn string| topLevelDomain string| domainName string| adgridCurPage boolean| adgridVideoWrap number| winWidth number| winHeight string| deviceType function| adGridLoadPrebidAndGPT object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| advJson number| adgridScrollDelayTime boolean| adg_debug boolean| adg_devs boolean| adg_counters boolean| adg_preview boolean| adg_gamoff string| adgridDVNetworkPath object| jwplayerInstanceMapping boolean| adGridIsTabActive object| advWrapper string| adGridInterstitialIuPath number| adgridDomainId boolean| adGridEnableReports object| aax function| toggleStickyState object| stickyElement function| insertAfter object| ggeac object| google_js_reporting_queue function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp undefined| google_measure_js_timing number| checkTop number| checkBottom boolean| halfInViewport boolean| fullInViewport boolean| halfInViewportWithBuffer object| seventyInViewport object| ninetyInViewport object| hundredInViewport boolean| isAboveFold boolean| isBelowFold object| result string| gmPAVKeyName object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| regeneratorRuntime object| _avp function| runWidgets object| cX function| cxCCE_callQueueExecute object| cxTest object| PianoESPConfig object| ari object| sas object| apntag object| _ADAGIO object| adgridCreatives object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| AVP function| AVP_ActivateFlash function| AVP_ActivateFlashByVersion undefined| cXJsonpCB1 object| criteo_syncframe_state number| lnt_z

173 Cookies

Domain/Path Name / Value
.forward.com/ Name: _gid
Value: GA1.2.2105209662.1671876434
.forward.com/ Name: _gat_gtag_UA_7290892_1
Value: 1
.forward.com/ Name: _gat
Value: 1
www.clarity.ms/ Name: CLID
Value: 99c0f352e58b4b3ca9f2efe93e943b5a.20221224.20231224
.forward.com/ Name: _ga
Value: GA1.1.550322770.1671876434
.forward.com/ Name: _ga_M5T63K49VC
Value: GS1.1.1671876434.1.1.1671876434.60.0.0
.forward.com/ Name: _clck
Value: 11wwgyw|1|f7o|0
forward.com/ Name: __adblocker
Value: false
.forward.com/ Name: _cb
Value: GYQjvC9dCBaBoszMj
.forward.com/ Name: _chartbeat2
Value: .1671876434559.1671876434559.1.Cjff33Dzb3_bD4hPW4ett-dBAuPhV.1
.forward.com/ Name: _cb_svref
Value: null
.forward.com/ Name: _fbp
Value: fb.1.1671876434624.1001123629
.piano.io/ Name: __cf_bm
Value: CBaeJfo0._Op6xBwj3FpIJFn.Ga.dosjFD4E0PIhmqI-1671876434-0-AYmDjp8fPbV2poOtvJhXhtouy2B6sNL2MP+IAYt6c0sgnxpaf9ZaOD1Mta9oCdqE5g6ofjMOK2niAz23qoA26ts=
.forward.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmATgHYATIP7cArABYAbFP7SOADkEgAvkA
.forward.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lc1s29cylwt8hdbq%22%7D
forward.com/ Name: __pnahc
Value: 0
.forward.com/ Name: _clsk
Value: 1bylolg|1671876435097|1|1|n.clarity.ms/collect
forward.com/ Name: PHPSESSID
Value: 948faa1cf28b2f496946ec5827b1aec9
.forward.com/ Name: __tbc
Value: %7Bkpex%7DmohQ7mqB70oQ5RI43JrcxU7_mV_3pnnJt_Vj-jM2cAf2c_zu6T9n1wff9qqX2t_O
.forward.com/ Name: __pat
Value: -28800000
.forward.com/ Name: __pvi
Value: eyJpZCI6InYtbGMxczI5ZDV1eHppaXp4MiIsImRvbWFpbiI6Ii5mb3J3YXJkLmNvbSIsInRpbWUiOjE2NzE4NzY0MzUxNTF9
.forward.com/ Name: xbc
Value: %7Bkpex%7DVwwJM9K0PRvd8Z1N9Ehhq_52ji9NPM08HJsHbyanBFwiDK2KzGGt-fqFMSDCO-WTv19w7VYPO2wubukZ14ae6fpQ7WFI66QCi-eSSJ2KFJnkKvvLDMTkBlim5d1uFjqLnnaqhc9_npb9dnGSfn-4NpvZra9oGF82jaYkweJ3TzMrXi3_y0z6upSSeX0LGcUXKmbd6AKqOKQfT7nAqwZziSfCI4sMfL-WTTkMAJVBZs6U_XtTYS7Au0LWOHv-Fh_Oc-Ypm6QItzLWaD3uO2ovM5w78u21VHpnq7MnJu8_heysQfw81xcDHrpLsA1e9dX-2EKmEejOc6pQ22vWc7M7KVTCzoJLaSl8w7guZVfkUG3w7bqpTsyKqwzsD0Tl0I92vn5ZiRprGLzTs6ml9cQgvNDcV1OUUqKbk_fRgWOQqnWRVxMvAlxLooFbuuD7j3ZRyETZmPm42eR8lK2hlMPfxRGP2gSO7l0rk53uiyA6e4daCjsI18Vft64HRx1Xw9YklhQDgTqFnMYDk6FsFOZ6wBmrjaj-QyEzQwUF8fVjprguzhkgKjYkXJXcJbTueGiGkyPzAQaqRsaT83sZBlHLyFA-Vv1nR_v-BmGYCuuN54agJlF_CzC8QHEoGngQ9okK
.rubiconproject.com/ Name: khaos
Value: LC1S29LF-1O-GUV9
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoBMtoiM/Z/4QNb0fGVcfL/XWaA1sYWTLGb55ZO9yeic//ooxnyborlrq/N5GEYpH3AUJ+gL7gixZMGLbLARMORG7JtXJVTTK0=
.forward.com/ Name: cX_S
Value: lc1s29mopehg4qkv
.forward.com/ Name: cX_P
Value: lc1s29cylwt8hdbq
.forward.com/ Name: __gads
Value: ID=00d71eeb7218a6f1:T=1671876435:S=ALNI_MZj7UvGLW8KA8qVkkACX9ZboIyD-A
.forward.com/ Name: __gpi
Value: UID=00000b97e6383860:T=1671876435:RT=1671876435:S=ALNI_Ma8AlKNCprDUKxC_SPmXoQIE3cynA
.doubleclick.net/ Name: IDE
Value: AHWqTUmKUvNSb0ODOxttANflYKh3GMu420k6MJFT1n6dT9nOey65iJOy7D3wAHBesEg
.serverbid.com/ Name: CONSUMABLEID
Value: 074312516e6241dc8312516e6211dc74
ads.bidstreamserver.com/ Name: AVPUID
Value: 9070c017ce75def74666ccd2bb5bc39f
.cxense.com/ Name: gckp
Value: cx:15jj6n7st8oum3tr7r8xhc4h6i:34awkddvbyx83
.forward.com/ Name: cX_G
Value: cx%3A15jj6n7st8oum3tr7r8xhc4h6i%3A34awkddvbyx83
.adnxs.com/ Name: uuid2
Value: 6212074435349714829
forward.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.forward.com/ Name: _pubcid
Value: 6f087773-b138-4697-9406-4a3911f5ba37
.adfarm1.adition.com/ Name: UserID1
Value: 7180654624183416986
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=547141C502C1FA"
.mathtag.com/ Name: uuid
Value: 97cb63a6-cf57-4b00-93fc-283781cb1270
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 912fd53ad65a9538
.casalemedia.com/ Name: CMID
Value: Y6bPWOa4eXFjFoTtryyD1wAA
.casalemedia.com/ Name: CMPS
Value: 1203
.casalemedia.com/ Name: CMPRO
Value: 1203
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjUxMLcwsABiIT5D3aACzzxzA6fQAhcLSwDV1AiyJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjUxMLcwsABiIT5D3aACzzxzA6fQAhcLSwDV1AiyJQAAAA
.go.sonobi.com/ Name: HAPLB8S
Value: s8529|Y6bPW
forward.com/ Name: _lr_retry_request
Value: true
forward.com/ Name: _lr_env_src_ats
Value: false
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 88A45D14-ACF1-42C5-8783-39F4189AF5BF
.awin1.com/ Name: awpv11524
Value: 296283|1671876441|c1d42690-8372-11ed-af39-22634e1a9496
.awin1.com/ Name: awpv11601
Value: 113440|1671876441|c1d6bea4-8372-11ed-9c46-22393de2050e
.awin1.com/ Name: AWSESS
Value: 357526:3266505
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%22c1ea0050-8372-11ed-b29e-00155d255900%22%3Bs%3A3%3A%22sit%22%3Bs%3A10%3A%221671962842%22%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cjc1ea1b30-8372-11ed-b29e-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1734948442%3B%7D
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%22c1e9fff6-8372-11ed-b29e-00155d255900%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221671876442%25%255712300%25%25c1e9ff4c-8372-11ed-b29e-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1687428442%3B%7D
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bs%3A1%3A%221%22%3Bs%3A6%3A%22expire%22%3Bi%3A1672481242%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bs%3A1%3A%221%22%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZm5oYW5mYmJkaGbYJY7gGxgbGQEACA5z3iAAAAA
.www.parship.de/ Name: __cf_bm
Value: mThqiWCn1w_ZgXuWfYGLyW1WAD.tubHNDW3GtFBQla8-1671876442-0-AYSOhBVwRcundzHrvQ02TS264ZiNZY8Pp8cRL0meKpcquHVXJVH9bwgqm4POQULB2u4AO+pZX+6/RmKlXbiMbXg=
.advanseads.com/ Name: ADV-BCID
Value: ff233122-38bc-459d-8277-6221d76108f9
forward.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-24T10%3A07%3A21%22%7D
.demdex.net/ Name: demdex
Value: 12155566209154584002607668853472286169
.adnxs.com/ Name: icu
Value: ChgIuf9kEAoYDyAPKA8w256bnQY4D0APSA8KGQi5j4QBEAoYASABKAEw156bnQY4AUABSAEQ256bnQYYDw..
.turn.com/ Name: uid
Value: 3396307127223499462
.simpli.fi/ Name: suid
Value: 8874ED5CEE8940DDB1B8506056D965E5
.weborama.fr/ Name: AFFICHE_W
Value: AR-uJiWYusIB25
.zeotap.com/ Name: zc
Value: d65aec00-c6de-473e-7d58-4e7e5626a8cd
.de17a.com/ Name: guid
Value: 1.89797467634599058
.quantserve.com/ Name: mc
Value: 63a6cf5b-3a468-13410-7af33
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b14d922d-cac0-440e-873d-844e0ee48b56-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.bidswitch.net/ Name: tuuid
Value: 755320ee-2727-4208-8ed9-6b19251e856a
.bidswitch.net/ Name: c
Value: 1671876443
.yahoo.com/ Name: A3
Value: d=AQABBFvPpmMCEAGphz42FsUAhX2AzsazE7wFEgEBAQEgqGOwYwAAAAAA_eMAAA&S=AQAAAq7LQhbdDxEgxq1ymrGIG-Y
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7180654624183416986&KRTB&23278-7180654624183416986&KRTB&23369-7180654624183416986
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6212074435349714829&KRTB&23339-6212074435349714829
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6bPWwAF2FDiKwAe
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-fwsE4CpeULRkCwTifwBI53oMVOZkDwSwegvUrVEV&KRTB&19420-fwsE4CpeULRkCwTifwBI53oMVOZkDwSwegvUrVEV&KRTB&22979-fwsE4CpeULRkCwTifwBI53oMVOZkDwSwegvUrVEV&KRTB&23403-fwsE4CpeULRkCwTifwBI53oMVOZkDwSwegvUrVEV
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-89797467634599058
.bidr.io/ Name: bito
Value: AACvtU7HTZ8AACCc-W2WOA
.bidr.io/ Name: bitoIsSecure
Value: ok
.onaudience.com/ Name: cookie
Value: e5cc4c2eac971790
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y6bPWwAF2FDiKwAe&KRTB&22978-Y6bPWwAF2FDiKwAe&KRTB&23194-Y6bPWwAF2FDiKwAe&KRTB&23209-Y6bPWwAF2FDiKwAe
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:97cb63a6-cf57-4b00-93fc-283781cb1270&KRTB&16736-uid:97cb63a6-cf57-4b00-93fc-283781cb1270&KRTB&23019-uid:97cb63a6-cf57-4b00-93fc-283781cb1270&KRTB&23208-uid:97cb63a6-cf57-4b00-93fc-283781cb1270
.amazon-adsystem.com/ Name: ad-id
Value: Az9YoEysFESnoKWKrbSgb4w
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tribalfusion.com/ Name: ANON_ID
Value: aHnseFolXVjQuWx7J3gJk0Zc4f0BCK2Zdg3XcC7KMWn7mZajC1xRoYFbBwZbmDhQsMBXBmR7jPVrWsOJJbPFnwKu
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-45890482-f084-4490-739a-6289922769fc.L65NAmUlUvihA3SsQOHZl1fMnLV9A4wpxV4Y4IMNYa0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ARYkEgvCERJBzmmKJkidp_FD_B2w.mlANHyaIG1QMXqzl4Ue%2FidxwWtNgj6nXk8Sr%2F8ctuLs
ads.playground.xyz/ Name: connect.sid
Value: s%3AcpC_O5rewID5MO3hoopvSpvqu_4tKJDE.vcyA8I4sc44YL9NtC3dtbd46BPFEmvoytmpv%2FlzxW9Q
.adsby.bidtheatre.com/ Name: __kuid
Value: ec631b23-e914-4609-9fb3-645e9fe40f74.441090443
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-RYkEgvCERJBzmmKJkidp_FD_B2w&KRTB&23334-RYkEgvCERJBzmmKJkidp_FD_B2w&KRTB&23417-RYkEgvCERJBzmmKJkidp_FD_B2w&KRTB&23426-RYkEgvCERJBzmmKJkidp_FD_B2w
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 196008ffdcc28a39
.adfarm1.adition.com/ Name: lv_5371872
Value: w=4751363|t=1671876443
.dpm.demdex.net/ Name: dpm
Value: 12155566209154584002607668853472286169
.forward.com/ Name: cto_bundle
Value: G96WJ195WXhtJTJGUUgyQXRIcnRCJTJCZHZ5c1BqQUFJaWRnZ2d2QmVNN2FUVmJXaXBFbzBnM003VVpTSnRaMiUyRnJyQkZvJTJCNEFPU3ZZRWxqQXhHcE1NZFdlelhJVVhlQUJ4bFd5RFZRVDVvdVJQVUJKWHpNdDN4bHpWVGQwRURobXNJTU9lZXl5
.forward.com/ Name: cto_bidid
Value: ZpDJ1V9veU12STVMcSUyRm12ZFZ6TW5PYk9zbTdDMlZXJTJGdU8yeGFidVE3eVg5cmR3VTE2b0RaRUdrc09qRG1iWWpNeFFKemVWQ3E3OUtvYlJHSnpxSlFZVFVsV1ElM0QlM0Q
.smartadserver.com/ Name: pid
Value: 1653069145252192142
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACvtU7HTZ8AACCc-W2WOA
.adform.net/ Name: uid
Value: 7236359441748730540
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACvtU7HTZ8AACCc-W2WOA
.bidswitch.net/ Name: tuuid_lu
Value: 1671876444
.w55c.net/ Name: wfivefivec
Value: h2WmCXc31P91r65
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGHLRzYLHruTaEFtQX6nyfs&KRTB&16514-CAESEGHLRzYLHruTaEFtQX6nyfs&KRTB&23025-CAESEGHLRzYLHruTaEFtQX6nyfs&KRTB&23386-CAESEGHLRzYLHruTaEFtQX6nyfs
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3396307127223499462&KRTB&23150-3396307127223499462
.pubmatic.com/ Name: SyncRTB3
Value: 1672444800%3A15_2_223%7C1673136000%3A35%7C1672704000%3A63%7C1674432000%3A203%7C1677024000%3A69%7C1673049600%3A254_214_81_22_21_251_56_3_7_234_220_55_161_238_204_233_99_13_176_88_8_243_71_54_165_166
.pubmatic.com/ Name: DPSync3
Value: 1673049600%3A219_227_197_221_241_235_226_201_245%7C1671926400%3A174
prebid.bidstreamserver.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZTM0YmE5NmMtNGRmZi00OGNlLWIzZGYtOTZjZDljZDE5OTRkIiwiZXhwaXJlcyI6IjIwMjMtMDEtMDdUMTA6MDc6MjUuNjA5NjQ0NzAxWiJ9fSwiYmRheSI6IjIwMjItMTItMjRUMTA6MDc6MjAuMjA2MDE2MjAzWiJ9
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7236359441748730540&KRTB&23263-7236359441748730540
.w55c.net/ Name: matchcasale
Value: 5
.adfarm1.adition.com/ Name: lv_5351030
Value: w=4003897|t=1671876445
.adfarm1.adition.com/ Name: lv_5389952
Value: w=4786773|t=1671876445
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_4aace8a4-3ced-4d52-835f-59428ac9be0a
m.exactag.com/ Name: exactag_new_gk
Value: c7c93caaf7b5473483fe8af8f088157c%7C22.02.2023%2010%3A07%3A26
m.exactag.com/ Name: session_session
Value: 6a82da2c17dd40d7aec96f50
.quantserve.com/ Name: d
Value: EKQBEgHxJ_ijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~290y:175w~290y"
.company-target.com/ Name: tuuid
Value: 5e432e67-f557-4027-a581-a53d0d77e612
.ads.stickyadstv.com/ Name: UID
Value: 1f6fe6b22613c7e96f59d2f6bc7ad194
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Y6bPWOa4eXFjFoTtryyD1wAA&1203
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID_TS%3A1671876447
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1671876442.5712300.c1e9ff4c-8372-11ed-b29e-00155d255900ID_TS%3A1671876447
.gammaplatform.com/ Name: _aCMR_1
Value: 5
.gammaplatform.com/ Name: _aGeoIp
Value: US|Bronx
.gammaplatform.com/ Name: _aUID
Value: nkh8gtcfmc1h
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-755320ee-2727-4208-8ed9-6b19251e856a
.pubmatic.com/ Name: PugT
Value: 1671876446
.brand-display.com/ Name: _knxq_
Value: 12f3d347-713d-dd7a-fe33f9e7.1671876446.4.1671876447.1671876447
.ctnsnet.com/ Name: cid
Value: 6b65e8f67c574f6783cc100621111b41
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1671876448142,"clickCookie":false}}
.fiftyt.com/ Name: fifid
Value: 2c434848-da4c-4ffc-4f83-3c5a076c4401
.onaudience.com/ Name: done_redirects147
Value: 1
.scoota.co/ Name: c
Value: 1671876448
.onaudience.com/ Name: done_redirects161
Value: 1
.scoota.co/ Name: tuuid
Value: 03261727-0c90-4ff7-bb00-6d9b4be2bf30
.company-target.com/ Name: tuuid_lu
Value: 1671876448
.semasio.net/ Name: SEUNCY
Value: 78E5FFC9F8077A6C
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&09e8b1e2-c4b2-4c03-8fff-8a5282f2ddde"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzE4NzY0NDg7MjswMjFubo4QSbXqXaZ+BxaJP0pIP7KfyU1Tid/mtWaYCA8SOw==
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2456:u=1:x=1:i=1671876448:t=1671962848:v=2:sig=AQESO8JB1Tm1I3I_TmV-rtI_jQDpE80U"
.book-secure.com/ Name: FbTrackID
Value: 349ea066357586a8f48983aa0e8f9925a6c012dd
.audrte.com/ Name: arcki2
Value: 85bTROoaKXrRwe67-O9p1uoww!20220908!1671876448506!ip#80.255.7.108
.audrte.com/ Name: arcki2_pubmatic
Value: 88A45D14-ACF1-42C5-8783-39F4189AF5BF!20220908!1671876448509
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-nkh8gtcfmc1h&KRTB&23446-nkh8gtcfmc1h
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1671898048758
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 17
.scoota.co/ Name: tuuid_lu
Value: 1671876449
.adfarm1.adition.com/ Name: lv_5641793
Value: w=4787253|t=1671876448
.fiftyt.com/ Name: cs
Value: MTY3MTg3NjQ0OXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fJDJ71I1LtSR2BXk_LqFNvkh6QpFuC4QWMnsEPvRTXY-
.fiftyt.com/ Name: fppm
Value: 20221224100729
.csync.loopme.me/ Name: viewer_token
Value: 9a2a2c1a-6050-413d-af08-52a04c33186b
.ads.avads.net/ Name: av-mid
Value: 1be00cb1-674a-4cf6-948e-636f87f6abb1
.ads.avads.net/ Name: av-tp-bsw
Value: 1
.creative-serving.com/ Name: tuuid
Value: 42cda133-5d22-44e1-a0f2-c788baa8b708
.creative-serving.com/ Name: c
Value: 1671876449
.creative-serving.com/ Name: tuuid_lu
Value: 1671876449
.adfarm1.adition.com/ Name: lv_5357536
Value: w=3935728|t=1671876448
.fwmrm.net/ Name: _uid
Value: "v1b0b_7180654671408516694"
.criteo.com/ Name: uid
Value: eb534927-4447-4d23-83e7-fcb9dfc1b8c5
.onaudience.com/ Name: done_redirects68
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: v1b0b_7180654671408516694
.ads.stickyadstv.com/ Name: MRM_UID
Value: v1b0b_7180654671408516694
.pubmatic.com/ Name: SPugT
Value: 1671876450
.adfarm1.adition.com/ Name: lv_5572862
Value: w=2885600|t=1671876452
.onaudience.com/ Name: done_redirects219
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESELl8Brf4ZlYIBIbRXnmb64c
.zeotap.com/ Name: zsc
Value: %CE%FA%BA%F4%00%EEN%24%AAdUEIg%0B%91%A3%097%84%D6%2F%A1%28%3C%92%28%CD%DE%FF%D0C%A9%E6%8A%1C%0C%03%F8%EC%8D%CE%C7v%9DV%A3%93GE%A9%17%1A%9C%0D%29%FEd%FA%F1%7CU%EEo%BD%7B%0E%DA%9C%EC%18%3E%EE%7D%01%C21%C8T%0B%3E%E9%11
.casalemedia.com/ Name: CMTS
Value: 2220
m.exactag.com/ Name: exactag_new_uk
Value: 14e9473259b34710b383d88b1de64be9%7c
.lijit.com/ Name: ctag
Value:

30 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/css2?family=Georgia
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://prebid.bidstreamserver.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://prebid.bidstreamserver.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://prebid.bidstreamserver.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://forward.com/news/529130/george-santos-jewish-lie-genealogy-records/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://forward.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=88A45D14-ACF1-42C5-8783-39F4189AF5BF&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e5cc4c2eac971790/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznVjjWjXngjRTbTRa
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://prebid.bidstreamserver.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 111)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://delivery.advanseads.com/1.0/9038166945075165301
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cdn.advanseads.com/dnaFiles/fonts/red-hat-inc_liberation-sans/LiberationSans-Regular.ttf.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://imagesrv.adition.com/banners/268/01/02/b8/18/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FKHqKBn054D9ViIyJNfvYPwAAAIA9Cu8%5FRxz1wmt%5F5D%5FH155ZEqDqP%2DH0GTgw6Zw7jRdONcm4NVZVz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAADAAz8YnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAWyUv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521BhJD%5FAjJo5YaEMCH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTc3N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU3Nzc%3D%2Fbn%3D75880%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654632757234698%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787253%2526kid%253D5641793%2526bid%253D17071378%2526c%253D32825%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782912%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654649941363469%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885600%2526kid%253D5572862%2526bid%253D16955416%2526c%253D64632%2526keyword%253DPACS%25255F4787253%25255F17071378%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D(Line 1)
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imagesrv.adition.com/banners/268/01/02/b8/22/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3FkmrOcDsU4D8iU7tT2MHYPwAAAIAUruc%5FR8XGl%2Dxq5D8TDyibcoXqP7FgxrpyvWxnjRdONcm4NVZWz6ZjAAAAAHlDgQEYKAAAsAQAAAIAAAC8Az8YnuYfAAAAAABVU0QARVVSACwB%2DgAx%2DQAAAAABAQUCAAAAAMoACCYpQAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ABIX%2DgjJo5YaELyH%5FMEBGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTI5OECIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjUyOTg%3D%2Fbn%3D93260%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654637074942986%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4787252%2526kid%253D5641793%2526bid%253D17071377%2526c%253D42599%2526keyword%253D%25255Bmtp%25255D%252528cid%252529406782908%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654654252321549%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D2885601%2526kid%253D5572862%2526bid%253D16955426%2526c%253D27139%2526keyword%253DPACS%25255F4787252%25255F17071377%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D(Line 1)
Message:
<link rel=preload> has an invalid `href` value
network error URL: https://delivery.advanseads.com/1.0/7456801128598311661
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.advanseads.com/dnaFiles/fonts/red-hat-inc_liberation-sans/LiberationSans-Regular.ttf.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://imagesrv.adition.com/banners/268/00/ff/3e/f2/index.html?clicktag=https%3A%2F%2Ffra1%2Dib.adnxs.com%2Fclick%3Fk653z5Oysz%5FLwY9BKFSuPwAAAIA9Cu8%5FKcz3Y8W2tj8aL90kBoG9P4i9CedR9m5qjRdONcm4NVZXz6ZjAAAAAJdDgQEYKAAAsAQAAAIAAAA89xEWnuYfAAAAAABVU0QARVVSANgCWgAx%2DQAAAAABAQUCAAAAAMoAEyY8SgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PBIcEgiWzrgZELzux7ABGJ7NfyAAKAAxAAAAAAAAAAA6CUZSQTE6NTY4N0CIMElIMxZNZyfuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTIwMCNGUkExOjU2ODc%3D%2Fbn%3D93360%2Fclickenc%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7180654649936841738%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D4751363%2526kid%253D5371872%2526bid%253D16301114%2526c%253D58636%2526keyword%253D%25255Bmtp%25255D%252528cid%252529370276156%25255BAAID%25255D%25255BIDFA%25255D%25255Bu%25255Dhttps%25253A%25252F%25252Fforward.com%25252F%25255Bp%25255D1654713%25255Bmtp%25255D%252528segc%252529%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7180654671418821389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7180654624183416986%2526sid%253D3935728%2526kid%253D5357536%2526bid%253D16727794%2526c%253D33416%2526keyword%253DPACS%25255F4751363%25255F16301114%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D(Line 1)
Message:
<link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18ac39e9d44761ba375f80b3a5165cc4.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
3beb1f81fc485bd83fb3615e658cef3b.safeframe.googlesyndication.com
5910bc36042e5ea26beb34c4e16d8590.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
5a0b7fa0b7bc097353a0829cd558de54.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad-events.flashtalking.com
ad.doubleclick.net
ad.turn.com
ad13.adfarm1.adition.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
ad4m.at
ads.avads.net
ads.bidstreamserver.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.servenobid.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
beacon.sojern.com
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
buy.tinypass.com
c1.adform.net
c2.piano.io
c2shb.pubgw.yahoo.com
cache.sellwild.com
casale-match.dotomi.com
cc7252416ebc341fc31d3df3ea1fddde.safeframe.googlesyndication.com
cdn.adnxs.com
cdn.adswizz.com
cdn.advanseads.com
cdn.cxense.com
cdn.flashtalking.com
cdn.indexww.com
cdn.tinypass.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
comcluster.cxense.com
connect.facebook.net
console.adgrid.io
core.iprom.net
count.advanseads.com
cr.frontend.weborama.fr
crcdn01.adnxs-simple.com
crcdn01.adnxs.com
csync.loopme.me
d.adroll.com
d5p.de17a.com
dcdn.adnxs.com
dd03b60b7cea74449bd5679d8ed8afe5.safeframe.googlesyndication.com
delivery-cdn-cf.adswizz.com
delivery.advanseads.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
ed261e9d5f80ee9aeb3267a5c8ea321d.safeframe.googlesyndication.com
euexchangesync.digitaleast.mobi
eum.instana.io
eus.rubiconproject.com
exchange.postrelease.com
experience.piano.io
extranet.availpro.com
fastlane.rubiconproject.com
flashnetic.com
fonts.googleapis.com
fonts.gstatic.com
forward.com
fra1-ib.adnxs.com
googleads4.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hb.adpone.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id.cxense.com
id.forward.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imagesrv.adition.com
ipac.ctnsnet.com
js-sec.indexww.com
lexicon.33across.com
loada.exelator.com
m.exactag.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
n.clarity.ms
odr.mookie1.com
onetag-sys.com
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prebid.a-mo.net
prebid.bidstreamserver.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
smarttag.rubiconproject.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssum-sec.casalemedia.com
stat.flashtalking.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.taboola.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
tagan.adlightning.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
tracker.book-secure.com
trf.greatviews.de
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
vid.vidoomy.com
visitor.fiftyt.com
widget.sellwild.com
www.awin1.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.parship.de
x.bidswitch.net
x.serverbid.com
api.rlcdn.com
104.18.33.19
104.64.122.89
107.178.244.119
13.224.189.110
13.224.189.4
13.224.189.40
13.224.189.45
13.225.78.124
13.225.78.59
13.225.78.66
13.225.78.7
13.225.78.79
13.225.78.97
13.32.121.114
13.41.252.217
135.125.160.77
138.201.63.145
141.193.213.21
141.226.228.48
141.94.170.77
141.94.171.216
141.95.171.139
142.250.185.134
142.250.186.130
142.250.186.166
142.251.208.162
144.76.104.53
147.75.83.64
147.75.85.234
151.101.1.108
151.101.65.108
151.101.66.49
159.65.196.12
159.89.246.130
162.55.101.208
162.55.120.196
162.55.233.29
165.227.116.104
172.64.151.162
172.64.154.237
178.250.0.157
178.250.2.151
18.156.195.47
18.158.198.21
18.159.49.230
18.169.195.169
18.198.126.47
185.183.112.155
185.184.8.90
185.29.132.242
185.29.134.244
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.78
185.80.39.216
185.86.137.131
185.86.138.16
188.34.190.28
193.0.160.128
195.5.165.20
198.148.27.139
198.47.127.18
198.47.127.20
199.10.31.14
2.16.106.211
2.18.232.99
2.18.233.180
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.166
213.19.147.45
213.202.235.9
217.79.188.21
217.79.188.46
217.79.188.54
217.79.188.59
23.199.220.85
23.203.124.180
23.64.52.128
2600:1901:0:8344::
2600:1f13:800:7780:e69a:c43c:f0d:9cd8
2600:9000:21f3:3c00:1e:a43d:b640:93a1
2600:9000:21f3:4800:8:48e:53c0:93a1
2600:9000:2304:e600:18:1fcd:351:7bc1
2602:803:c003:200::21
2602:803:c003:200::27
2606:4700:10::6816:1957
2606:4700:20::681a:709
2606:4700:20::681a:8a9
2606:4700:20::681a:b19
2606:4700:20::681a:bd1
2606:4700:3031::6815:3c9f
2606:4700::6810:cb16
2606:4700::6810:f015
2606:4700::6811:190e
2606:4700::6811:b6b1
2606:4700::6811:b9b1
2606:4700::6811:bab1
2606:4700::6812:18ad
2606:4700::6813:b979
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2620:1ec:4f:1::44
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9b
2a00:1450:400d:803::2002
2a00:1450:400d:803::2008
2a00:1450:400d:804::2001
2a00:1450:400d:805::2002
2a00:1450:400d:807::2001
2a00:1450:400d:808::200a
2a00:1450:400d:80e::2002
2a02:2638:1::13
2a02:2638::24
2a02:2638::3
2a02:26f0:11a:398::268b
2a02:6ea0:f400::4
2a02:fa8:8806:12::1370
2a02:fa8:8806:16::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::714
2a04:4e42:800::282
2a05:d018:cc3:fe05:1f91:910c:4285:3fe6
2a05:d018:d29:3605:965e:3ef:16d0:9a4c
2a0b:4d07:401::1
3.124.207.220
3.126.56.137
3.223.100.168
3.69.181.163
34.102.253.54
34.111.129.221
34.111.131.239
34.111.151.213
34.199.154.34
34.240.144.110
34.240.174.255
34.248.17.75
34.95.69.49
34.95.81.168
34.96.71.22
34.98.67.61
35.157.140.187
35.186.193.173
35.186.253.211
35.201.96.126
35.204.158.49
35.205.207.25
35.214.223.115
35.244.159.8
35.71.131.137
37.157.5.141
37.252.171.52
37.252.171.84
37.252.173.215
44.198.4.174
51.89.9.254
52.184.204.244
52.203.53.149
52.207.109.34
52.209.167.52
52.220.229.2
52.24.69.139
52.28.92.0
52.46.128.147
52.95.126.160
54.154.171.181
54.195.67.129
54.73.211.146
54.76.69.248
54.78.4.225
54.81.22.167
64.74.236.127
64.95.96.108
69.166.1.10
69.173.144.138
69.173.144.165
72.251.249.14
77.243.60.138
85.114.159.93
85.239.105.10
89.185.33.185
92.123.37.164
98.98.134.241
009539af19c1a1855cd06a8aebe2833d60bf3dd224ac6c03e555775d81f65751
00bfb75d3e2d5a0fc71008fcb688b6d42b8fe4db2024b6de74f577254e5a45b0
00d1abe4957daebfc693a1f3cb4a41f9ea636b2360d28820c2411eb16a7f6f3f
0184d949e02ef4ec2ac89b102b3b13eb713bd98e204affa6275a40e187c214c3
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d0067acf20519b04574b8f28e1a9ee72525423484dee1bfa064244e207720a
0234f74d26f8155469cbec98cab0673742e898f16ab2720e1b060c277d45a7e1
0252a07c5baff1f8c729366d4b802b7cadf8bc3ed6685b86e56b9e851e8b6142
026640563b84b80daf8bd9128ce7ad0b239f6ba362121ace522e4e7ed9fb3b25
0274dd1065a1105c3483fc97ee598a26f73dd505a951c41f82170217e59e688e
02982efdcf334d8bbc985c063473b6e4e58d2b02a0a56e3d25350a5de1ae8bfd
02b697d195d19393ddd33715a00c2231f64f2247027de7116c422ee26215b095
02cfe43391b946acde4fca884f7169586209b45ca8f4a8ceb5b6ea0540a9b0d7
02fa19c76313dd9a6e0c557d11bd94b42bc211fb799fbca5e20ab87724b2c78a
02fc5c784808657ad32bb088b3cb3d44b7e713a563af144ef10819fb5e3678c1
0337930cab6c911eaeb47e8b5684e787b8e08ff9cb9cf89255b2cd4815e99b66
037e3e95087d700b7eea3cddbc888d98ee0a88d1bedcc2a633cde21eabe53478
03c8d45bda14da74c40e647a1c5e3f8e0c381654ced48a41ffdf3654f2bc8eb7
03f70bf0dab02aad875956eef96d9594ab116583727584308194ab3a273b3b76
03f8486d8e755e298fd380f8c77b4903672c6b66732794c9750cc9d2a852337f
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
045212d4f1202ada05d9929158338780ccd7c18022c280e44a653c47d36bebe3
048c0d28b725fa7c9ccaeb246ffaa877c814b94d9bb9cbed28bb0b426ce3bc1f
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
04cb046adb303a8605d1737a22459ca2ac8bf30b0ad60596b2b13dad818727b4
05294bb7718eba8948bff46635ad0ee937c0e106a315a7533a89016899913695
0574d3bf94d6d6b8120c8ff973b6de8cb115b425571d0515b5852713dd487b96
069f7251a0bf329fd4fcbabb30adad6bbe6b846bbef8a1884c02ed2e47804b52
06a2eb39176db59b9b7b0ddafee5748f4c032450c048ac99174a59f0b31997b9
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0995b7f22e512780bde59e5555a21f8020e789f54ac86465732f3786653d0f0c
09b768f65e6055a413ecabf6e793257aec9656e2d1104a6946f94e81eeb43212
0a22c7a3972200583310067420eae4d71d33555c5147842274438b9041f1da1e
0b0c87679bd61b258e7ec182a6419a8fdaa370c440c19574fd4705579c1f1962
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c319ddafd80f6d455f301e3dd9953f167469dd153443e552abad9809c42d18f
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0c9f82243c9f27518eb74bba4cdd5c29c1f9ca2d82be5fa51cd9a05484176cca
0d0d9903f54b242d364aa4832e6facab12b51e57936d3d6715433a8c3025c61e
0d84b0ca6c2c7ad37db1a5bb63a931381fe1de42c051d2d5938f39fa221c35c4
0d86448ecf96adca9ba3db580e2b5e2c58f2da912810d1ecda6a993afc2a9ef7
0dafd03fc3c5f4d78da8d5b45ba093103633c762997966693a6dd3792350c7cb
0e1a73d8aa5cf64730ebb7a906c9bb1d1909c992a39ec954b8e13634d7af8574
0ec27d012f0a3f6893f3f505a56df4f86a86d4397f005d22c7f1c6006caa2773
10c4d41c2ad580fc3796bfd8ee4c3c31273dcfed7bc81ba14a364e5ff565d60d
10c95a60c2e3650d06b2dbd2a6ad63f1097261ab898372457a972c9837101665
1194107e098d32bbd417d0589e369255c97c4a1036ec16231a2f7ac231b3d587
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
122a71d57255fe89be6c03814ecf60c98ca56fa9b8eeaabb9340731824cd123c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e3c0bb74dd1d4eb4d82eb4f82003e456faa8e819f07375e5b2458e22988167
1300faad03c461da64eef0fb97f89d435176ca7d39bde86607b71e18a64d171b
13c1c4a0063d58dead3980f1fdab8b1dc3069aa54801e0d25c77051b983cbb38
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
147897a5429f372c03abd636c79413174482cb69d760fdb9cab8c1e348bc7566
148223d43d64709e584f71b1525c3ff789d2596f366697cae396927316bf7733
154030c2348ebfb899f87c7c16fbe980d39819ea9cadc65c3538be5edb1da845
15aa6a4a76d8a15a3b33c1b8aadf1bd5f3ca4586ff840f8b49aad4ed209f4a47
162fed839a1e4d095a6a20ef545e587131b45bd8a3eeed6bdea84deae9794868
1681d5da1cdde73eb5f43b3a500931754aef711367bf9457c3d7264c29db4d2e
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
17c922df60732a06a12a21ca7e28c85415e8ba97ef4d3f86b8641f3ec648763a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188865543091a75a18231e72dfddcf87c9df931634165b25b3d041ad38ac42a4
18ff02e2a023fdcf2568a3bcda7d922fd5eebb938ef45eb28888fdb14820fd48
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1aca8dd76d75f129f8b9df1dc6220d1440c4c55fd3c0cea4d67c7dd645d02139
1af914eed7a0b70cbe2e8b28c5d58bbcd93da7095780c75aa695f7a7f23f2bff
1b5d08e7aad88badfb0de061dd9e5e144c92e0a417e2b5f482f84b6d6a70de39
1b633c3d6a4dd22600967290368c9cf3695fd18862aa33eb19f33b0acefc0b5f
1ba73342fbcbc99097a42b9b0593e8955771acf54eeafad72a4848a306dd19d6
1c043c7e4e31bef13751f8c14a55b6cd731130501eb726cdf87354da8c4c3c46
1c1e6d857f645316767ac85175c5c6bca4e88fa007d200304fe79cc4a0704266
1c2b45cb721667cbb857c2af80509559d24fe69c3a3adc6977f4a14683eda1e9
1c67e5a80dec6262552573a039128251d895be8c9a5240e7f9e71a2eb3c9c06b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cfcea10210369f9c234a9fe949f81aeea651fa31b5dc3d943546761ebe26548
1d0aaf8d2ebc468c56fd03651130eeb7b88e5b1f13a47c8c2347e5e7abbad38f
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddabbfc521986e2bd978239ce97f7a04d5c1989c8486fec033810f92fc5280f
1dde73662479b1416e1146291ace8877ed06aaf4ffcfe7465b598e7650149e37
1e0d521f2db6c22bae7a135e827a0a492311a80461c8525b40f07e7c46ac52ba
1e0e3b15b0667c8e7eca1ee84d3a4b1d9791b47abe3b28d06e678a8c15a91482
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1e8ca6b4a169da3b4845f4d89ae7a1235744f7835ffd92ecb9c1e8282473c0a5
1ec690ccdc5918020921360eb819808d4f4140c29471115ddad670cfa9afaf0d
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1fe926d32d00488a96c2c4a1a682caba35beffaa80db5eb21cbe18218b052978
203340e805a9ee22c5a35eda18234ee389287a000f727144b444208c4fb0e27e
208fc1b7b495d76e6cae80ceaf258ab31b373461c2e7b30c259eed947c599fba
210601fa7f23b55cfe3fd7aed95a91a8f4e45b1289149e17c043d4da2ecabcbf
22201309f0cf063b1b586e76703ede6bd91b22b4966033b75ea753ba9202ebbf
22a6b68a39a0c439a10ae495f7459b68c98645367a7a05b462bd0de3e493c8e5
22b1baee958e14ad1c94fe2ae771ef2ed0ed4623017f4508a3238681377bc598
22f6eb51431d1d40bfcfae90e39a956f6073faafa35acd027f19f778b1d2f1e1
23297e210b689a2e968aa93eb27e39e626eba612d284450e4089307c4741b16c
23351fe94e228b490f974c8b58235c49626ff9d5a9b7c24d1692dcade5bf86f2
2363bf8b6c3d8965dcd61064623e41afcfa3c95137db8bb611c2e796cda95ecc
2371736975be245bd56385816b25ee7daa9a3cd826911c4fe5f2202ca74e9ec4
2574e2c1fb3c40c584850b4a14401bef4690c57b7f12a8e6b9c041b43c1e8a6b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25aaa50dd96f6c10134de5d3974b2959aa3ba8a730a3fe0fae2e0e1aef633ccc
25bca8830b6afbe570769a44a4ec4da64218728c9b40fe02b6c26b71e5b9a6da
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26fdb94abd6ed18a974d4fab3e63c2aeed5c711c5cbb721e1f5a51fc877d2e01
270fa492a92f3da18b4a1747a763911c1b7d8985680bb0d33d139e4d88de3ea3
27246fd5233d3961a204f605bb713b1c564d1ecb1fcb2f08d44a82be95104280
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
274d3c56792eaccb485cc1b8110047cadfe94534cb68c7bb0f2633b54c4d1e78
275cc750316e9a72ba867ccc4f8e235680f4d8045981ff6c92327eb3ce1ae836
276e75c3d28142c8882cf63700bd997eb86abbd6a5a3f72240c2efd84c4ec09c
289df860f081819cb0829e6273391d385b3b41ecced3a6ec8d8a906d06cfa290
2924ecb4d72ca87942b467394327cf343a66e6f0fe0ecdc917f634793bff7d71
299b443627f9b0bbfbfac48a51a6f78d13306626f80367be1880de1007ef77ec
29b2570b62726b892e2c625b6dadab54e18885d34359c214e47fd78b26056854
29df9063cc35326fb19336ea1f1eb2620ed5c1df93f196e2f30cca89630d2d15
29e86726b34cdf55983d49f5567d4e72b2d6ae2742611ae00fc8a7c0733f38fa
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b1a5b5efd9402b363c69469ef5923b9a5f05dc8815abf78af4a21f66668cb72
2b68d3f00ef77a863aced01347d486c666e2203aeb549e94c49f580c78d8aa21
2bd7dcf300b51599032cfbf8dc8c89c41d0fa0e7119c48af6b57a42c24c1bed6
2d1790c643b2c0ac983a16525b7b7309d2ed08c73bd55589972c60ea3b62ab52
2d434a40ddc49b451bd3e9928040178092355ac94398c70c4cfca6cb689b1708
2d83dc0d923bf620d0de3a019e7fed93afb7677e2dd79b1d05b2e9ed0f34c200
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e19e80a4f892d1c5903d382af3976c1ff321976e6dc93784c5ccdadcd2bde5e
2f1d8d620d98e150660221e0ddef2eb1d19f8492a36e02b21076a51f91d7b746
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f750e31f656afbb2606fc24375f9a462ee3cf3523b0d9229ec347743975d754
3017ae358550cfa63aa1da2a66981d7492744cc695db5700e5cb2536c9f52bd8
304c1457814164a84ce4f04301e754c6c0c152f31f0abb3d4dbb9f949efe0316
31119b4b06eb530eac274392f79ae6466767133daf2a87b8e8fd1bf4c3016de4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31658c00ff0c28b9e0b2e78e833943dc347f302957725eb55b829f3ed1711fc8
31ea6e25e82afe4fc795fcd8184cf2605bd3b0724ce681d9d92e79f909c6ad4a
31fad68936d2867446a310ad3cb804ac96e7f269c9875fdf053812b0a242ea37
322978f4918db2d82e11e44f89dd4bc738668cbdda2e26a2edc2140ea7873c4d
32415188f05aa5bbbd1e7a55ba8e480f62411c438026761975b18093ac961190
32a389d79fbd87e47da0e925153c41e9baf94a8c184d9b72d5ee29deb96809e9
336e9badb32b4ce8c15616c6001d6a21640864ddbcfad231b9ed5dce1a323134
33b037a223cf10524ba579496a2d7665d2734652b36e5d5db0fe48130b327b86
3476d2ae47cb252137ace1cfbe45a3950a6b8a070f3e160392317c9fc6d88f1d
348d4422b0acdfbfabf705f2fd628a099862171b1c3315a46248923d6a32aee5
348ebf939ac5d4c01a7a6fb2b4bc1ef8b98b8ffcec80ae8df35071f5aef737d5
34a50a01804d1fec638ae21cbf395c1d8bb8303359459c4831eba29aad93c27a
34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a
3514c878613cc9cb8a3650c2e376b296b0e6b91218fa94accc4958591b336b25
35d08c0926375494bf07fb0d791d46d898879a3a434057265a94c6c83ad8259f
36199c804cec38012939e9c168f79c0914ce5a46143dd64cdc4a25a906f2f094
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36bda666ba373744694463a3c13f36b339548efd21d51798910c0127c54f7a06
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
36c3117307c70cc8ac0034083c2159b11404fcc4bca11ffeb91ebbc2fb1c0a56
37e6844c5969679d45f013455dd5a59ae880cdf8c2657d9bd7dc03bd4ea067e9
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38424de62e089499c2f4b02bf35bc44d331b1f92029d77ad2c8e3a45b63ee966
385c82d550eae26afe1fa91e277386edef1f41d86d2efeb148802d9422681655
3893c2f4d9900890b109c242ab029b8f80a4fde21fbc1ca02166ff6adc873221
3926c68bf4eabad20fedb9cba2aa76a25a0deac96ed1439910474b5e1b91b367
39b2ebc4204bef3e99b38bfe35e40dcde6cb550e0979b790cfc0acb1f757fa53
39f2f0d2c09bbc1153686ffb3811aac70f26dc6a5dd349f06f20dce68915d0c9
3a0b55d958cac444e54649fa5484824022d355e3212ef72d0cfcda3dcf1fb0d5
3a7f45ab35fd0844ea07cfc8a3ef3b5ade187f5dfd33bbb67c3d05137d30e104
3ad2b2b9af8ac09857eefdde6924624f0c8bc6147a869875bfd2bbe81f94629c
3ad3437f02c71f81ecc28dbac6b081b02443737772e46e52171c76bfebd04464
3b2eea8547a99b96cc16ded693a2d918e4a3b82adbfb41510a0ce39be6d287e2
3bb1ab9cdfef8b9d69d8ad662a640ba80c0ea97a14a7ea5393eac7f8b12ab295
3c39622ddc19536adf9b17912f11d621921f6bbefaa53acb110116b6fb4cbed0
3c39a36789ba27eb4ea25dc97a70f7200a8216009f8f88ad71c698a6c7de40af
3ca1922484e74570d4628e04048a148622692fbdc0096d16838353162427fc57
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
3cf4ec3092fd23cd158f72f3fbba5eaa89ee02b8ff6f5bf35a2cf2f2d1bc9947
3d31be8e697dc47c0f181a418be8db313d095a0311ea96c25bb24a2905e7ce20
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc1b78f8fbb2e2deedd7d92e2aa9b07e676e64e4dc88a6b3b2eaf65247593de
3e1d40d61675b457b5d50a02d4c80bb2f2dc97598e705a97b6ba0390abb1d5e8
3e724c0b5720d62b93d42d319a0002710a01cec39a97edd541a537b5320586de
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3ea16e896e5d24216c250921e9bceec95a207fe792de1ed160457407be7fa0e8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebdf128b722884584fc81d47f95702a68de5cc732c3d1261d130cd85aac7d5b
3eeb1b363904ff127777872ae332aa15167d4484a78435080cd98ec6f8140d50
3f02aebe2e48c84eb9cf3154a4d143685fc87cb37e52be1ebeeadb9b4783354b
3f345f98f07e664032e668f226b54515569a580d01ed19fc0dbfa0a6d5bac280
3fab4e3fff5d826c438004dea8ae3b051bfa09d2e9b6bfe10dec2b8ed063bbdf
3fbe970505653155455e5849756ce2d6a7ad36e610ee3efc59ea89babe3c4be9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
40875a2d79a324819af209317194bc0450758862339e0ad2e4780655027dd1c3
410f8fecf5797e931f6de7bf4cba90c81a27dcd1deb6dc29ef6b5dfa16b15c42
4127a76c62def29a67bbb957424f8d3673475ec78f5a88d71bfad93318e6767b
412ea8d5c603ad4d161f63db7f1749af0bb50e71bd881ab81183bca25ac1e14a
416f97b7082377fe76fb76733fe208442c7111aadf7de3a9c9564ead3ace77fc
41de6ac569baef5162818b95c7a1697af839b978f2634a98cea413f3b4792b89
4234e4ec2f7e1a04adb589fcbadf04ff060d6a9a98f54d5126abdb460237962b
42403dfc0a139837cc5238bd1b06c1b109cf636791b426dfb56999e541a7b721
4242739698c2f3110de5167132d4544e0011514068fcb5d7d86d1a89bcd8a30f
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
42f40032553c268e7e3f27c21a7f55ce5533bfb719025ece68b9dc683b85eb42
435e85f4abc392ff7f060f2e0a9cb707018ecb4d8ee01db2df6ae5ebe78b9b0a
43701cb810e01e4ec690bc8b4847f7d6ed69568644b33ecae41043e5f865deed
440393abdc3b992430164db0c67e524e273a86548d2d8338e0cedd9e54658879
44553310530d392bc781c35016a5eba3ffe816d2d9bef599f20df8f2acb167e5
4491e279d7458910fc3551a972e83788019fd683f735016276f38dfc88d82b1d
44b1f2fe90b4743cb17697984bd73c6a12549cc820c5fc62c6cf3f4c2819b058
44f926e0c96cbc77f385849974bf7c59afbb225cf317f6da5da0c43c6a6871b7
46192973ae0ca98653d1134c46d0a1ce54f4fc6f3571ca53812d0dff21dd2da3
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
46760eb4ea87406817c825a03c2bddbba6c24e92d3c7c59b1d31ffd73eb0d999
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fd407ad3655e5610918eb048cf024f0ed714ed8b2495d5542b54065b728bf6
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
4817d7f4210c208325573ab8d3f53c574462c584e439bbbc1be6d1fc3979628a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
498035805511a869c5da90a505ea08bf76cfe928e3a47cd6002bd454b0a37a81
49ae16d0d80974581d28c0639f38ccec3a977d964f86ce418a32a3c7bada708b
49f060c2cf08694c7216cbb2371498dc264a9c3da7ebbd8e29461ac7e7b97d48
4ad37e5c6c93baf2c2da2af8953b6c14c934985d0348be97f6849a2c78eb3ac3
4ba6ace93c87796e8a62f42858f9b2e5cb2fd3a531ed8f8d1f20886fe84974d8
4bd0d1405ce2208fe32f72de67c02e3ea0281c7c371b535713d0c21fd3ee5b61
4bf4fe18cf7ca25bb33ae328eb04816643184d449c81643c24bbacdb6c6c624a
4cc1ba4170fa295560898913d75045515d049fdafca64839928fc937b5b12261
4d0d165f5ba2960d75ebe0856f570af6dab7daf9c1bac577be13f97e2987989a
4d7f2e48cb51e9a06bb737207308308c5e71a61183b5d91ee37d60d22c1895a9
4dad2604bccf468f18079ec466a8546cf4a70d986fd54b6a0b5957722dbeb4d1
4df4448f376b3bee61ad729d7d66ff4c8195d2485b70da18533ec88aa4370d83
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7f56bf38f55ce073cd15903e33ffb0db514a55a17ea705e9def802ade737dc
4eadf91bef9f43c6efa8bdbcff98024f8fa42f28f953bea2afae2794f89424e4
4ec3af8cf61bf3c9ac95828e6df93c4387df862ad2649e938e376c74e617e84a
4ef0da0458870d583199f929a11331e91f1d88f494dd12ff6e7b7be26c447629
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f833869584b753cd1922c03fa66917867d483ba55ca1d409610b5cb4a524e2b
4fab49feac5843db4a0f22356fa647a21a3a6e110064233787ee39458ce73bd5
4fe5d31894f6ac9bcca4530c69e5ccdbca5486b76771842575183ef1907e5b4d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a49555ddf54c69b91b847abfbff3c566975861fb0c85262086ae5bd58a29cd
50a82207bae5191acfdffb7146bdeb799661c6357d6cfa01727fc5a18490e118
50c624b7992494dbf16e1ad0bcfb757a32a6229cf72980b7f2725cfc18af378b
5160f8e7cf65486d4ef7ac14e03e5f5ae69449527b99fe4ea4634bd829e9ef8f
5161cd3c7b671b9f201edd8e9539a300fc0fa7bda6bf8cc9ce39033f8de376dc
5281ce8a45775d45e94d389346990e72dd1a0efd1d909caccbc419bed651b9a6
5333dbab598bc6f3ade782f5791a06dc9817e851453c6296db71b331fabb5cd6
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
53a65564d8d5fc0c283c34a7be250ca1666cb5a0ba55626517eb27c37fd3ba68
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
53df44749e757fa59dc556d6051ff22db3550d416f0c62025486f981c1cd1609
5579983de47c243d359424517d81cef06952e32681a4a4f666f414672801a7b7
5598192ff661dc84c44a90a1eae1cf947fa0d7ca4358b46a3be7bd4da71f98f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ba377bc74e7ee39dab364a2b8af51e6b9c47509e79062ecd75de75b36e9f34
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5600129790d854dac9837d1d49093553603f0cdd3195d2912bf73580d00e1ff5
563252b19a0331ca514348a767e7108b4afcfa867e2fa1b4216ec85888b9cb99
56b15db3af38f413b90325496cf7a728c0eaacdacee5dab2d5089967fcbe4ac5
56d69635dc1d2e540b43cd4bdc61d6a269497c184d41516b7d48625c5e7c5a8e
56e7e9c260d393a4eda7a03a2d25058bee875f9d54c83731c1d8ffcfdac7fdec
570eadf9bd41729ef23431a5b15662c0ca400e3a262137ba1af9f67f6248a6de
579afe28308d3b0bb150e5d2f18578b6ee3eeac6b8a6e80f7ed1cb02cedf9388
58a85c5feb7c713bf4ca1b4a7e8313e48c45487ec9af3b89c8404d66be340b03
59ee6df2f16951e2a5d80f4132ad98a9a6f572ffe9e24155aeff6010352cbf4e
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5a2e429dca681b29687444a32c491210898db4631649804478023d5197cdc830
5a307db525b6840246dd5ffbdd03b949c7287686fa5e693f68ffa15eb0791e9b
5a365ce59f7ed6c29af902cece829e323ec91c9ab2096a97299d2ac89c2e8ffc
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5abcd65603493240fb3ab78d15980e9adfa4af0f493ba804aa3dc0de961e0b69
5acf1b535816d81ea58c193e91e0eea2e08adbdaf83b76ac59530f027aec20c3
5b0c2f7ab4d70392be7f87a7f0145436948a7fb6e346742af6e85bc996ee5469
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b4a4bb9b2433c24ad694397349c843ff72aae282b99a5c87a59cd3d9e96ee65
5b4c012c740d120a384871f05af3184799f6e2b607767a5d6229e2a82aac103b
5b603173268f4ece04439dcea5303d7fdc439fd09d49b8ad9cfae9651459a32f
5b81f9bbdff590ab21ba555736a9735c924d3be5d2204248ce94481ef5f330e2
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
5c04b769069e8e2894cd7f9bc90342d74f33e6c8c14b906da380052b30cccc5a
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c72287a4376f4bf15ae4b67e897a669fea690636d3628c5a969de5b7a78f7ae
5d27e38b900bfd79bcafbca25f4d8073457f572349f1450b178866e0b71d9dfa
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e2adcd1250f8ab3a4cdd2d2b86e0cefbfd7871fe25227dd7b6577c44adc37c3
5e318b0040a4f225d3634ad0c70f87b72aad724786e372e736937e40ff4d60b7
5e4cf558eb0f7a10f82e18e722ff5d2224dc8d789bc88a76f2a0f8731afef487
5e5c23bdfa030a3e073362299002a2df3e8998a6ce9bde9d7aba4f5813100d83
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5efc718ffbd25d055f3896f22b9c83f4ae2ab65a78eb60b504faea94525d381f
5f3cbce052d7e8ffc150fcc0b00010b8a76bb94e12f67fc6ca3ff8cbd1c20a95
5f8423431189ca7e761037939f5d8dc918ed733501d55a880c338cb4c95cba34
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
5fec6ca8e5a0b4d0228c459697dee95a6a50ccdacf4188346923f2e896b18167
6017578b1adcfb252bd08e1313afb51c05aa42da663ce2c50044177af1d91247
6022508496bc68236059cdaab06e3799249f163acc39cb76a96c1c2494a85e8c
603fbddb25f32e654f70569a7f68c485d22fa56717f7a25b1770b0811dd52170
6069823aed04fc7f7ccce86d78cf19f5c0336bacb392c60131f591582e665085
60b5796388264c8f3cd36659abf0b7d724ee4cfe0407f07aeec0c601e6ca1278
60c52dc22e157850e8dd14f90d2bf881900c0a8ba48891c8c45c7151e43ccfd3
60c86800185db64bf0de32adac55bb2a788cbbc9ed0bb086c67da55135a11bdf
60cc3616dc74b8b0f5ce28eb07ce9eed4b0ff17afd4b649e6d9ba95549b2ec7a
60eb7775f4be99cd320627f14722b4bcb9643c02d7d0b16396ec982d785c49e4
616a4a2317038317d7b89f28ed96e829bc7cf244aa3fc3685207dc23ff41accc
61b628640e10ce4d7ca39b6a5e86e3193994cfbe8da9be73eb1f091a9ca52e37
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6302411116dde7406af92a49bde4349a16a1f7bc9740653a0d425aa1baaaaea7
6361b6f95b5416452f29f32c91dce442dfb8e1d697a6155eb70ab94cd71fd4b5
651bb544ca88b708c43787556a94c1544a5cf3aaf2752a1a79b45f910bbff975
651dfdd35892ecbce0cd0a82b9e5b86b2446b9d625df7f4c5c5259453f8d7103
65a1cc21f58b4680197c3f9ee35746c0d6af4f7fbd10c8a8fd1c9ca3cd4ab1f7
65f5d9a031d4e6a60aadaba1eca2b36e6ba774fcbaa8b3e76c376650e10ac026
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668b943eeb0437afd6a518e8728e9c8949448f73f02f04a0b93bf08053b5294a
66a2f0adba69cbf1857f8726d7d6b0c97fcd26e56ed50eb94aba8c176a2bcc85
6736db2627733e99082a904ca8a83248490fa00e852abc884cf6037058c31929
678251a3764ea08beb2b99bc4eeaa901a5464eb7dd4c4e25cd75c3d0651249a6
67b412d761e1665a91321d69841b1b87d9b6ba478726a5342dbf1c5393518ff8
67d59e59ab78914bef31e6a4edd0153a62a5f8be5d635783b43e0640f5473388
67ea6433230f60c2eee0a4cadcb121c30844d2c0c042fb95d4c4751a5a0adedb
684d61333478655cde84db8b07a6948a25b3b1c0d536db669f90dff4deb5d9c3
685801d3c8b876ac74c45d86faa822ef6f16635330b2de83d0abe83f22586c38
68859cb4150141924722163ae3e155712f84a71bb66bebc3b774ead787bea497
6908729e3bc9522da94024c2a7a193637f65f8f60956898ba4eb7599c335b80a
69c60e1bd5debc809a07042775743e11b98104a5561412e8eafb65f592fa9542
69fcc9d00244052d97025770b5460f5be9c06ffbc2ade4a19df9d0ea17e568b0
6a4c4b1a8f4514c75ab4777f187d1a4a1d686ffd4e82d9742e64a0151b0df746
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b53dd39cd7cc110776cfaced521cb558faf24a7ee7664cdb388037f742d281a
6b57a65bdfd15165a7d98b69552f1419f7384f9045e37dc98f10348dba600260
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
6bac775fd9265f93c4a28d2f651ad91b772db29751f0d310c64c098c52340555
6c5108bcc859c7707fd3881de37302d16da1bf5b1b9514245503674274f5ce11
6c6cd502f1e054c453489f8f1fa139e40a4c49489857e78bd4150718eaa24fd5
6c6ded5eba95f1cffd9eff6104ef14ba3c988d57aeac98d27a51c9cef69fe50d
6ca25dd87d04d7aedd831b738972badcbdd0f0345fd1f836dd534a623f726191
6cf4f203e1c0a307b44cfa36cf044bcd5097f5968048c22dd4c76d719429f6aa
6e21bea1f5e411d8bf314f47cc98372da32e11a89549dffc1ac95d84bc95ae89
6eb9b2c1d404a4b912ab9d2004bd9be92decbde5873bec003c34f19a3483c701
6f0c081421b79ae578db393116f97dca870ed09f46ad63349cf45ace85a1dc6b
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1
6f43d2a30107aeea1ac3a2ee7974f2d270581a7757e504e6c41db344366f734a
6f4af11747c01a00d372662ac9e748708fc821a07542e97ebd7ce7b5d1f9fd38
703b98fcf4e4866ba0a9b96882b61941cd4332c61feb152d67580f890696e782
70a9d907f920f8436f98885d781d91d92aa1fb5ed105c4453a091e81e747f69c
70af336fb470bc37a176ba3fe93bb670deb25f2103acfa62a05824f77a165cf4
70be16b9dc61f64b3bdd8f879f8dcaaa114c52d8d22229f34605d75477555105
70ce6bbe885f3d1fcfb793e1179d6fe768114f53d8ef43187e9b4e39775cb9a1
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
70f7b6feaec4f65bae5e9eab6f60dbd1f08a96b90227a8559335e7be3d282a09
7129b2c2f1d0c35446d8f54bb6ad6b3df3aaad00ec583809075bc05e1b39eebe
7151b0e7dd9b3edd814ed6d59917f07fc0f4ccffb04a6d62ec335da79b53a9d9
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72066761670e67f7821cf496191827c6835c2dbb89b031a7ca498efd31c60d12
723bf6deb6a0e7ba3f6d8c3753f44df0d069ae7636b877c406ce9aabad727f08
7263af95d2f5733c4782c1ed753f6fcc28764e776ac72b58568b86da0ccfa76a
7286da8413127b51ce6fd86843433944461a586cfcd5a49c39c8a44dd0998d38
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7328b1fd71dc9901165c5e387ba733b7f7c89f910be3478397bac30c94ee82e4
742f7355080a61bd7b067016c8eb7ebe29ac80e34dd83e95197acf3584b943c4
7486bcc486b755497ac557e4884b9ff71c5d06088e1495eaf3ae917a160a91dc
74916ff2fa701168d1a17f57c45a7c1d0d7236078edd742a6cdbf525348cc740
756f849fe4de297f9dc575052319182bc97e41c46823e2c73da2ff358bdc4c46
7601ea78dd10893b626d1a00ee2527e6da2b9d2078b0caa4202a6af734da0aed
760e9467a08cf71e7b44b6625bd1b2b11f2a5ae3ac86aa9d057b4646657f6fb6
76817ce9ba2110ded1e5161b8cd8f9a64d2cb89f183814a0633f04374ed8ee30
769db196f325c323eb4a1a507382ee4ddae89990aab62957ba9085d5bcc02fe7
77255410684dbbba858c6fabae907a3e8ab1b2a85e43a0ca144fd723d1400327
7757af0b8c2febb31f03de766302e6f6afd7600176cc4232e86a50163df29b24
77f513ff8101df63c928451ea356e5378d5b7707fe5d5cf724db89cbda7b0766
78785a3b0ea8bb1cc4957b11fccd45226356794b19bad2af74caceb328703be5
792092647d8cfbd6e84146c87495b758b81619c30279ef624ff5946a952daf83
795c06f71ed104ec3910b4846c6b64dea372c21dd840cfe761c71e6228c134ed
7999aacf3c911d4d85d33491b144590fbdbf7882852b01ea84b10b2e82301038
7aa0445ae330e3ac49de5e277a5b7c036c5fa3571ff145434c0b9ad545c5cea4
7b0e3c627a1c15597822a525bcb06c6eded1b8ecf41596370f58c5be0beb9516
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b5147a6baf6387b21a2ec581dea729b63e3c372d501f2b0a65b3ad4e80a277a
7b52f05b443860d345ed5e6571a2881f66cc2125ebdca78c5b0af4bb58516ecb
7b96c5e174d10b70ba2573785e8dbb219a6fffc522620b2f20915e4580931773
7be8a722414a0d18b1378edf9c57ee6b6ed3648a7c607599f03b4e22c79fba43
7beec6101427eb6cae4641807057ed8f63c961ba47ce4245460752034775e5fc
7cc5b1d845948a1a145098d80fa3b76d575ead1e33c61510d3c1b941e7d32fb2
7cc6e8d6415c6a0cbcb61317855b4bc3d4eda8ef94ac0a90014c18012d1707db
7ccaa539d0c6ed26a790cb9e25607b54cbab01def7793828beb2363ee398e67f
7d68346937239319750a04e6e3e8feaef521d80f533f889fa82426effb3e7640
7e4cb4dffeaaee909f87f4c116cbe2b12eff881d34da9cfaea78b5ceb801aeea
7e4cc74daf033daee334cbc4af1ced69eed994e614c518563ec334882d8c8fd4
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
80f3067e64c97b54389305e82632b421dd52e76e9f714d647ee957fd6f5e5aa8
8172a76c33e06a1c24fd3670216b6970eed6ee8b46df8fd055f2accdd2029b28
8226d34df690543496498dd05b2e166bfa2be49c8644cc651364f0d578137ddc
824223df4a2291ae00674ab03f8d1c7fabe88f06dc285e88bf9cbf63967d8ce4
8254ccf105d34fcdfd5fbfbe1786161b4f5ff3cb3960493bdf0f389c667eb65e
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8361594d6f6bb464fc21d501d08597972d8eade458760f26fba35bb8fc5dc71b
8423b80cb2eb252348fb441a9ee4b1f4976932426dafc8d17b6ac33f91d47a86
8479006cd8ee0f3d9f3db91f8b57ac53772dc44b1a46c9fc4130555c9ad62d96
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851176fb13f86ca06b54a499e9004d406875c46d138a654d1867bc6b6befd046
863d5aaf2f72d62bdfae3724f7b12f0b52961c3990618beaad0e143f07c7bb26
864b7e0e639f10dd791564ef95765640f8915ee5c739af11c869a9d6ae4d1ea2
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86a5a69041af995d6fdadf1c773f46763bdff3bdfe79b1b02687f1b2aa49ab5e
86d2d9705fb6cc6d565566f3b169b4a06cfc0ddb8f38821a57a9bdb76576c6f6
86f5d01db39b71edd04f42a5d795203b0f5917acfa0ee40e24a2a1abe5de1071
870cc9936a4300547274e9d9d467443a4864e658d019fc8e255bbdb3847c787b
872e2f6dd758da5494fe038356b9a16a0487971b3d028174bf8af9154dd8354f
8755825c0d4c00d3b86d9643d01f62dcebe9e8ec255eeb7fb442ee6c4d235d07
88447372c8ba4e9d52aae7a51da05a4b42a32c5dbafd19f55e26ecfb0720fafc
88b709ff439278e01a2fd5d1168679c8bc0851f1cf5feaf373bc3a2ee478d0c1
88df495d2870237dc349ee5088ccb1a07fd41aab7d87ece8070eb6af1cf0d831
892fe29e89914975736e98c2cdb36ee0626687e5473d7f12b9a56811506cf4aa
893cc261113d560246c0e2e2154a832e73e6aa229ffbcecdb9ed423db9465be8
89b53f0290bafcc0768d5ef76827750fcfa29c0f236f4dc6ede525ad4a08febf
89b8e800f0c2b8d79bac42f083ce47db5b7bcf99c3736f5c2b9112d3da298edb
89bf2bcb6de7fdf72a86e7965ee86e57e34fa7a5cc3ee6ca7a369fcb69cfd03e
8a76e8c272bd9de2cb16e64d1a603192b22d0b3eb83d76f1ba1bb03e9b44d60c
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8b1a651f48c5fe359f5f25deaf96253b5b65bbffb92b21017e8c272301b9bb60
8b2d9e1d29d275c11d6322d1d707262c41944b92b82029a76269cc7236191b72
8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035
8ba2ae67c47f32a5d153842515a0bf73e8162143975e7c4dc09c3781576ee722
8ba321bb8eebb844aaa4f99329e7141b271192547574184fe3fac01336c31061
8c3a172c032d08eddf559425fe25707602a382f01ebdee4576fefce85c66184b
8c7c6f728ef929603d2ad3bc4b730af160b960e687535b01dbabba9cb3de965e
8c85712a9d7fab6a4454e714ca05a054e8450c7be9b936190ba9446113900839
8d48f8a9d632608d040480c3e916302c86b215abe80ae5d05e8356bcca861673
8d4bf6f31d4e4cfa95410af4827fcd551aef078c06b55561c51dd5dedf258479
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db18bb74d20b5093bd11cb42d1a527d3bc50aa4baa370e5281230d3d5994ab0
8df49d5772930e7dbbb66ddc2157f961f1d3ed1553504351d7a1ff0805333519
8e6a5af0318b32ff868d36489c665f4855a5c7657d93a7a524c6ef56ca3ff1fd
8fd80576121e312fbbe12a8acbe655f88b099f398731b90cff68323b52c9836e
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
907d64f718dc67f4aebb97177446bb93c8571df123753c6ddd1c6bc430e92f0b
90836214b9a339527f209edaa258e33eccb7063ba6ddb24431e5074039abcf08
90975213f6b55c1bb1f21fdd580822aad6a37f08f83b960d6520925f03f1dcab
915bd3f1553df215eac97634eef5c277cd1031d103ec7f57d6eaf2031a206d2b
915ddf0d92c3226bb0483ca1e141997c3882f07ac34e63cb793d6894e51c8c2f
921302b2d7cbcbdf5a2ff399d4eb2df85904ba666e5fc40fb67f6d2b75f033c4
92bb546c3a9911a0efc6cae0e507809148009786ef8289d3923ae503646e3037
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
9431eb368f1bbbfa6191163bfe36962e0a971717aac5f0bbe2226334c83a7ceb
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
94b37bc283ca796419b7994cec7dc0124d3554882644fb41e3b4986a75696a69
94ef218f90c37d78d7e4d1efdb95fd996f6c9d9e0e08add39f2a81350391b0b2
950dc5e40546bbe045d04eadb6da4d1bc273deeb14715ccfd9d22872071b411e
9512b4e3770bad082033ce17ef91edb5e4d9060f19c9a3ba0bccd6fbf20ad7cb
955ea8289ee4b59ef29fdc3e80f34228fab1500235e46c8cb112c71e6a2b1bae
9590acb087a19a45cabb3fdd511b27659fbdcc04735f3edfe60b24c735847bc8
95a3085dd3d3a06b6e5cd7363c44fe17c2f698c53aeee5f44891329d91bd5ecf
9643a3b0b41886b59bb134b79d37ab8e5b73dec3b767ccff4571be464d1e6a6c
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
9721cc04ee719a10350d15df02d54a37244cc053b32fa94f85bca830c44419ca
975ebf01e544b64a40272e9cadf6d43e9ce2e8e2bd2ed0b756d0958be454aa92
97ad811c256c5085c585ea0911b6adc45514ee6645506e8331f03ab7db92f23f
97b98af2b0d2b574e0e90569050f0d581cdc72013ebe2140c95b1c3cd53db1c1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a029db7eb53dcd49c104986d576184f961ca4bdf083466d7b2518480addde03
9a2736d645ee3c9e999a46c25f115f41ba6a1006ea60c2a554d0c00ae0ad8e80
9a670c8de641721d2f3ab1ae697f9adeb7e6bc24b52c110bf1c00f2235a1c61c
9a8c641f2a1362a1f5cf7c0eb8bec9cf449dd30be15024437028a411181c3714
9aaea7fc05b68f81c92d9a73ddb28cffdbb3664d6ec802435ab3a6f14544d05b
9b16d376b325f38249de8eb4a440f3dc6d85ab2655b0b2fdf53fd090d91037fe
9b6a57b51d158224de383cad30a81fe3e4d3d5436e55d3851045a7f6e0258176
9c223c19c854dc59fe511ac1cb396385d8b467b7ac361eb7e5429be7a5486db7
9c38f02c628f7dae33ce15e87873e75daac875b8b80837b8dbc8a7d18805f4b7
9c994379ed714e7259c69a12df6c3d8832e7ad573f05aba95b2dd3e37898ca6a
9ca81830e9a59bf8bfcfb4bb8dc93c1b2b97178832968fa65e51893ea6383fca
9d8bfd4ae9ceb691520a08941b1fa0f10ea75b94f64598169ba1253e41a75a2f
9d8d2b28aa7e8a0c5ea4e3b88982a33f71f8324ca9b19786c61e0db38f93c08f
9e02a9e90bcaa24ed5811c94d06e62db04898f388eda54f0872609c11c22531d
9e8e86196a2265fc48c1d25c4a27a548ae3ef8393615d0b3e4c9762ae985a2a6
9f0a28c36e4306b4dd5139cbd6db4c73d88c806f90e1d627ace099e2e50e2196
9f194f4b5feb160e249d2ca0f6165f8aada18ef3326ee3690e858b5a39e678ca
9f6770cedfac6bbdcda8cd765b365da271394136cd6a4c77c9ca6a7929ac51a9
9f75299b386c373f0a26b37138779fda88de69fb1b01d5aac240838901a2d725
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a074de5387c8670d9293d4807e914bc7a32c752ac5871e0b7b89ad5b5f395eac
a0c148036e0413f3fc6010d3c56538b721c7467ce292c979d81f58304ebb8127
a0c8f98d3f54dfb5f383cd071437a29efc5f6ff441adbaa13dde93ada94439ff
a14792210367749345c8ef1ffb21b6ccaaa88c1c97b4ab527e9bcfca36c1aec4
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a1907739d0370df173c89f627b004d6d437fff000b43f5b0c051382e5b4f8695
a23d624d137e1fbeb52277c02cbf9f88d92919b2dba6428a325f727f7dd01fa0
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a28a26208365888103818ef022f461f9cddf9db06206e74c49b4c329b845b6b8
a29fdbb2ddb4bc74c7197d5f9cfc38eab7da2a0b998e704c3124875e570ebb55
a34a34f808d987f8da99166a1abc4dc5393f62f69e81fa0237e3fe8023474ad7
a3810014c412a8c445ae48f7d50f0eccc2db3b179550bd3252247ef58634bde8
a3e3a9ace19028b4d3934fb71f16d28d5181f7f2364fec602989530b324b3c69
a3fe0ee0ac684098398a3d520ed4b653a69f10e39a6024b01df00ab0fd3fac36
a411d49da011f31a32b325944c76642882f2936af5caf775f19e416b238795de
a44c5ec9be6bcd67f6e553875dcb9066851517c90d83e8d812a019761015880f
a46f5a91c8430fc5bed35eacb842cbed70e5acc34bb6f7e6f97fc793a165e316
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a506d8ecc5d74247f1e4c0696b721fa69de266d37063cf187aedccc0cc8b936f
a5856b68e013b646b76754c8e3bd6af47a51ab28c7b09adce348e8eece1fec05
a5c99d00326c44f5282df532d777645911e42fe26b9ba74b15a446315a291697
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a6fa1a8b37036a567e96575f2ea67f8b43963284b7531d9fe6ffeb6683fc319d
a726757d5daf47507e36a6b32c8a26abf66f30b1ecb2ad7a7c080f19893b72e1
a798799cacd8107f6a58f27d0f1fc4d2b3d3725df53d73300dba62978fbf0022
a85690145b835d853f0264f6b9bf387e3ee7ec68f7c1d5e524c75380a7f9b39a
a87b363dd81e5dca741da3dff3a57878ff5af6285b96dc7c981030b2e8437abf
a8a878bfcdb3c21269b705c923748850ac2d54fba507c752c6eb26ea766e93ec
a8e23424c98aa13582f401c1bbd9b5d880d49109ef583bc41c585a68d128ecca
a8e91147663e766b9d516e4b7fd39f21685b1866829dd58595a997463a3d1b24
a90052f90558c28d7f8fea24d57519ebf7f2112786ed3895a66d1ffe56e61a8d
a945dfd8a51c13673a7f62fe92a9bb43daa7fbca2ec02088ac8803749844f60d
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9a0048cd62fa97d7b9953ec74f9fc77c1adde8f9eb28b34ba407a11863d553f
a9af85c75793307e7639f72812b5f35ff45721624d043a7be27441e02c1103cd
aa0e39885bc8fae60b78e3e7a78a964b43166b1d3c6588b433ce73f8fb7da315
aa36229be213fc8580c0497aef8b9818e764415515ab5416ac8b68f2ffc5ddad
aa5f90a8b39fa758d891146e98c9292bd53fad6ad7f0f458d08b0ae3e084967f
aaf79049653fecc62abee09c76d41c400f586396fb35804ccdb23d980a80154d
ab1ecb7ddf548561c97e2f94fa9f65ee6d5e4a981b24313899c9428882a872c4
ab2d05e1694204118cb7f82041febdef8096a1513197183923c6c09d84f97e5d
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad2cde4573f7c4a898dd28625ec55001d7a09985f565f1258bf439a5222e5cc6
ad4a1a74e12f78bc85fdcec12ec0bdd7e660991ec0ede5a7c3c294467b97047f
ad61ed6eab59daa00c840b4dd1ad8cf1114d3fb3d264ba2f546bf37453334100
addfb8c4331eb753e56a9b2834ec2e75d2ad7fd5effa91ba7e9e2a61e0bd6dd0
adfc18322b091bcd55ca8835a1bf8f98f6aa8b872b5296ad22987309c1029aa3
ae03cc8289bf29052443a7a5ca94f18937ca268eb2c4d2c88190de50d20866f5
ae2930e8cd5304367f9174bc50e2448467b59a870c1951a5a28215fa17a6a7e1
ae4f9786606dd99b88bedfb8432b47789670032cf7cf67793b02031e98fdbf27
ae5b181c9dbaae751bb30bfd96f9ea0ca1faf7693522e65ca0105b15c53bfdcb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af28b0620339b881ece4f0987834abcdc9f99819bcc3a5604ab8a65b5d352d3f
af7293296b39476533cec1b269be3caa3f338fa6a544d0395d1db0bca1903a44
afac0fa779cdb01b714b1433a69d764fab98ce5aeb42e71319d326906a67c1ae
afd077c72975aec1e5d7caf213ab30db50896cf151f3c39b0a53f2d0de6be009
aff45352f0df2aef68cff9c35d82db41f3f209eef15ee03c4b7fd1e728c39a7e
b0c28f33db12062afd94e4dc7ba9e520b3f40770e06e1744c850872714385897
b128fc8d1d046bffba9a04bcef5deecee22269943b75c488a9fce0dcab444aab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21cdd22eaaa47b0545de5c314702421b7619a60c6410f1bf2ed160d8772d1bf
b223bbd695f51b1e40ad55d494702d764f1d72d8b55966330a7ef014c8807140
b2284b14c0d9b5328d8e0cedc027ed7231906b48c31c41d5f41c0aca43a9ff2f
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44
b2653403395dcd905e5d0e9bcfe3fd9b93228a68546704cb2ff263ba493c34ab
b2ae9aa32373d791b7b2e8197f12da5cc2bc4e598272ed96d1b66f542323b5ae
b2b25245566c9f9e1107281e959bbd92b815e387e17abf44a402e86a06d2c93f
b2e410ba98203acdffc3fcb58d6a73b651669088a87108c2808cfffc4cda3f54
b3f7adb6271bcb2c0caac593336872306dd67c88650c4a677bdeae4ea1cc4732
b403d3219253aa35189b5981680acf84f4e294bff20b70e9d2bcfbaf8bd30359
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b46860f4ea39a432f8d6bbe86a781edef43dfdaa39037b5df14d32f83c955e91
b4ad460966fd3f1d1f9cf6d9e2ffc52abdcf4b0a56f41fed185105dc28331e88
b4ebf79364a5cbc490423beb0c71f364c65b9c023dfc608afb35c93f587830b5
b51d5c5fc05e4d5ad17b8abc563e63c63c7628982ea443a50e70151738585222
b549e1e3f53c1b57450430ae5a523d1676dec898d0186d417f67ed8b5adbcb45
b64c993616ae222736bfd1af517cfe652de1c881c1ac6ba16919b86b89da0d57
b66fc72eaf36d6786e8420d236ec4782b2fdffe8d95c182c923b2518d326728f
b7716564cff338b823fa35529760e6a29a088dca1a2aabf5bb33aad7c7d8ce92
b8e71ebd3510e78168bb99c6b46bcffb9331407ac87edcf189a9e4598cd7f20b
b8f192054fa50faa0120feef3389582a4ca82c77ed0922b8db821806e3f9b6a1
b8ff2560628d56008101b3dbf9816112dae4fb8260c4be0617518ace2a7ddf17
b912f9dcae358b9ef7e2d6b1f368eeabe05d17af890ff48ce0820e9facbc9fe7
b91b8468071d3c97579311d89afd974eba95bd6e72a7d2467c2787d0add5a34e
b9355b9cf9c1a25ea40d095f828620a90fda18324d90439bbc7f54f19578614b
b93c60c5e811a3167be77549da632cbc9c83dc84913af1f3d598be0b332f3452
b94379c33ea47b982956b011a24f2f9593626934ba48672c9e27536ae4355a66
b98c1e393e123674731785369f76851ad59c2ef17b268068f90f3b124615b736
b99a8be0c36ac7fb2303d06b4cd2c851c7e6a97a1c7788747f1112091f57e7a1
b9aefde1e069e09fe896e19cba9934cde9560f45cb70b76a028d17a76a346182
b9efe26d2090c88b6742a266cee357a893281150462886afcc6f7386e2296566
ba25cadaafc9c379029938b3c918e244c2a2f8d53778e4cb7cb919b0ff032eff
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
ba7c20e0ec0b29b295f61779344c3913d3a6a817826bdcfc4dd2b168d8bc8848
bb4c5d88b7be505fb91da7ef774defc6b3a7cd41a1398e055d6e943d88101072
bb737a9d64a659472f0cd0d7723c5dadb4429da71676770ab58d6f72cb8e7a42
bba703285e14e4e122959963ee8f3ecb5105a12295e12330e642a1daba162dd9
bbdc068fde4ea17c7dc0588ac9b8bb12554aa330ae5d0b1dc5581e9c70e16898
bd9938123458a70098f31f64a2e12ffcb5eaf9c7ec46537976d16be592a55c5b
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be07ad2ab9552eb3f2ff1d133b2593f9c25471d4835350220527ca5d2bda4f27
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bed6e978ee9016807775c7562f72055e003efc79d87b19e8577042c1c84a7380
bee1bcc126188c77c4727e099334505a8ec3397e2ca0ec834ef53a30734e5d89
bf20ed934ffefe7efdf6b839a3b245a31a6f998b5726bc90249c0ca58083e264
bf2b2e9f251fb5acfaa0c2c9451d5f80f307a41d4ba370c6f0f475b98f2fc269
bf7eed8c066cb8c123a8bcd1a31795dd09c83822291b4e4f28ed164fba212b95
bfacf385f86125785fed4aae078b4b073906ebe479f3b42a0d1f16516f9389ec
bfc2aef5a235f1d8c3485cdcaf542e6d743b273d1017651e0a4aa5b8c7d368de
c0184df5fdaf8ba525d57fb59e089e29eb1267110c718117a09412259facaa17
c0935b8468a6aa80443c834455aced4f5c28fd6ec2eddd7c81cb57cd90374490
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23eb13bc4b4ca8a1ed582ec929d59ea58a97937ce955c4a087116c5f26acce7
c2c606c7d8cc515ed60f97d7cd0af77a08292fd25fec7620fe41da90a87cfc58
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3339c70a839382d7cbcf838c4925b52843a7fd3f1a9e34a6ae33b110aac9c52
c3d6dd40d554051caae0e87609382cfbf0370ef9acd3beddd1ad5c0bfd335c15
c3d9895ded4a312811772562509a770b1d043056128feb424bac73028b9a901b
c3e063a344fed33b123ec6c81ff517910af240baff763f47214eae4187738788
c4ee1c3fc85b6c8201462e13810e5a624a48664d974084571dd56ae2ddc3e70f
c528d65e263736a020939211d3f1354dfa0b51294eb41694ef84ad3574f7a8af
c56742d514c4231384aee359084d47c9e45ae27587f2b99fb7a11b3fcda07fd0
c59dd1308c17bbea9f02896777ce23345ee0210ce6266c9ab93682951472d07a
c5dc65ef117197b9e3018530f2a4ceab0f79e1344f6c3f2be6057a795b1e5c42
c67e2608ed000b3b8a81f9d432794bc8d74eb4632744707398fb798786079976
c7a54611f312c7b00cdb2d7820104c1b00737c014c968645b4cb5cac7035a16a
c7e38babd4e42ddcbae210fd7794831d215a9f8e81888c0dfcb607816ca629f9
c81dcbfcda9318d5f8a090d0de11268066194a28159e3c058582022c60ef5b1e
c83fbfb400086629d2d7afb35b65757fd1f454f33ce2a4701a018904025b4ced
c8bbeed2716ad13e26da5da0ac69e98128aa6bc7386355fcc078a786476c1b77
c9077aea27b6ad2a3a89b7f16117d9e661b3529c3ce43b6bdad3593acb76cbcf
c92b40ea14511c55600eea6ac416a4439591e23e162c5d5bb9f7cd6dea66f734
c93113d10d104c77263283ca19fc333f6c54abf58948b100bf7bc712da4378be
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c999c000349acfb1b1aa739036aae75a1d7fa48d09b9470a6e75687bf21c9326
ca421d1427eb6067f9d9fc6fd7c8def7df22fc4eb1630bc567cacd93718dfa62
ca4381b0dea3fdce96966f4880824d475bb35b8e75eae37cb5dc3db7aba9dc30
ca5c9982b4063a0f2822cc2b3f90e8ab3e0042f5d25fec273e1b9c88b0fe8531
cb02dc03b47316747ce2fd9973cff08af33fbacba4cbcd2e52d8ffed5cc1e7e9
cb0dceddf8bf9874cb5d2008b17c9acaec367feedfda2b9a88d1e3bbc1667694
cb48f2ee608a60568c48b9b4faf07d9ba33f7ff73aa6b686c8dfc786a5f8f33f
cb5676dc6553aa0b6ad29256a7a9d05e9965e36279ff144d39e8ae78eca9c06a
cc349392e5d4cea9d296f1bb100c3f3b82a2bdb3a22cec6d5cfc0569d0a79275
cc63c1d06a8544ade6cd9cbf1c01d02df0decafec7414c3838349473f76dfb50
cca98b281de5d8444eadf7c77b84ea6b5891ecf9e5bcdaa3fcdb77167772c0c5
ccc65bc681d65000a02734fff2f15dbb45651a7fbb83e2380580952a02d6da89
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1
cd2a8f6468ebf54a38933c6c2e50a3943235902c00ab9a0caccc70f8fe598079
cd407b197e84ddc85d04cbdc8698ec8409c8d43d63280628212def1a1a2d8f36
cd460b71de1648c4484c5ff960c250054d3461199625f64028cc7bfa164292b8
ce0d3fde38c6245898151124b75d34e174f0deedee014935b6816ac790648582
ce7c92e49958cc4975f58049fa4a1335bc9e5762fb6411ce5ad7382cc3c56922
cf321c12da9a150449d443d144279ea82360c8f8ee6825057974fe39fc31462a
cf345b823c947603926c9633eee3a62f0919754f362f457265122cce31377a79
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff37806a2f1475eda3383f305c8aee3860320a07090fdc8034ded3ed90ab0cd
d049608e01345adb42306f5ab76959a76f6b2a3280808c54ed3d8ab97c4cff11
d05a8228b0ea1a47d0a04658a79278f50dbcaa41b15f09a17df6cd7222861733
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0df891a9e52946edf32ab30ddabc8d01d80a058350a6c5d540f115974cb5ed8
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1d98bda78ef964576b8680c2593524c8ac8789c9f60bd17afc45eda5e5e28af
d28d908a1a394a8e9ed6aa4b494540dceb1c1d5177dcc904e818fbdfc1cfac2c
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d2c072cd7d1a1853765e42579432855238d399ddac4e07ac399175ed31539a4e
d33e4234716189e1e98505ff1746c10114be3490b1e91c26e646d4fa6b392817
d382505f825e70fbf900f9f655ed689e88267376dfba5f31a6d5564cbb9612a7
d3d13019705a204cd1ed08035642a2f8e6b6e95319a83fa5c3d9b5f149994779
d3f7432bb497ce29f14ee5e692b0fcb2b565e6a80ee6a790d60e8ac90613ee8e
d50ae1c9b63b678c6cdaa47ec3338db2527874e314cf919606cbd542e25b2763
d545ba9f93c7f54b316be6bbd4e44275f55bee3204ca87b7e9c9a25ac36d875e
d582ae0cd2acd6357994ccf36a4151d46d233dfbce7834ed9f5c43f2be4ab04f
d5f33154b951d05508598617ae7f406cb3792750efd57817fac7376f5b88f9f9
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6db51dde821787b0874c49cc45668b2d8068e9990f939dddba89e49eab36884
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d6e658a0ff113eabdc2f6394627f5d4365a5a1dc7a2fe160daec5dd598834015
d711f0b89decdbc7e514dfe8641bb296c303ae59bc68cbdfb16a25d9fe0fe9bb
d73b66fd6ef4a3aa7f6dc5a5aedca80c23f135aafc478248f32d47204cd1b740
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
d9a7d14f97a711fdb669a8f49951bfee07659988cd965c4c2416174038236ed2
da41ce6cf283477cc9075a9be6503feba0a07716620a8044173cd6644e85bc17
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
db814861d49be04b20787ea6ccaf1f0cabafcf2b6242e7cbb7ac9bcb92e81b01
db81f09ae3bd3e6f232c5e06e2d10482ccd946031ebd50d11061a786354fd3d3
dbbcccf5eeb1877739349f95cbf3479c958f5196fe1dcca756a0eb81c5d9e311
dc239d17579cc419deddd4872fc79152ad1dfa5923e699dfe6c53de1ab3a322b
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dc940d8274a6e840bb2d7f77e95f97a1772e5402cf5ad680e669836677d83875
dca83e01a27ceef4a431095b0680ecbcd4215a2e5cc1d4bf76eb97a3f8d3b296
dcca2c909fac41c8d7ee57ddc66ce0711f1ec1e1688445dcc08df86bc28a5c7c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9d05894c94d5ae6c6d82dd3f5d60bdc3d6888ce6fb53bb0121c2b26f444782
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
ddc69579d30a86d336e8bde0f848786b96e8ac5e93c3694a85765786eac520ee
de0c1d0414b88172fe70c50392d0cf4b65f86aaa3295b37e65ec7a402a54ff6b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de74c5932dd0059711e28fb5117abea8ffceea48a036383d289747d6f8e0187b
dfe8b3a3d3846a2115ef6de117289c8248080f2602a5951e3116734af14b430c
dff33f3eb71e3f0a789da7717269ffbacdd7f4337db9fe095fdade6ead5079af
e08871ed7fb645682a93bddd73649efb40e662ed4900744e6c3e9c2b2a62d579
e12060904439ec70952c183d76f6514cac137d399037f426e8ad9c7aea74953e
e14d2d26caa892f6d30c14d72cef32a34fbb73fe7795e7190b05954777e1d4ac
e1550edcb36c4ee65d4a649dff48ecc31cde47661b12ed377708d88a14330cae
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309
e1bba4d800545cbd99d413c57bb28e6155fb8462c55391a4c40564a4e00c8ac3
e1ce41d9568f496ed2c373cd6c7235bc603991d71061299474a362fa8c671d5a
e1e861ccb47b8b7326e77d98d7b37a7ec169bfc5e412832777953bd79357e537
e1fef875d37f47a9e678bb2bc09d53020166cd070b24bb8b93f750e6fbb0121a
e2eec9839f427a77f6427a55e2c2f1d54b5a4620a8b30f53de1b1081f0505f8e
e2f1fddac35ded918e3749703678532e2e97d18ee7390420eb89d96f8ff7408f
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e336006701bb4371e98c9fd71e6e2e11ed929957259f2924d9d0153f2917e367
e3528d161236d120e59d8bf71e5fec4da411343749a989556591778e6ff8388b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b6174a36f89a43f99fc21eb0329038be1f89a4bf2d30bb5e3f2080e3ab35ec
e3d228f21c1416847a787052cadbac5df6182bb7b5fb185d4edbf9dc225e5ec3
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4a6c0e6f625f8cc2e99b29ed011b52f9feed8db64e620a0c306c816ed9c76a6
e4c80c7e1fea7c6772d526a8bd5845218e020c523d75d79b7937468f51c5af75
e4d33dc41f3c1ccd072d47c46a33dfc161c4a13570974f3ff199e9fe91187b75
e4e01da7b2e352aa4476d17876dda633dda20683689c0dffb922728839826121
e514b354c703fc3e682872284813819dd284debd148e35a6e84559a605cd7907
e60384e9d3fd4f77f2d793048bd4a7b8c84f2e9d830cdb9d1d6738c57dfadfec
e67acaac5e4f84871ffc2308e16ff993d27823ead434c8ec80144161c15fca39
e68c94ba3118695b2a5be0bdafe4259bda8db3819d992e6d3d0b1fb537bd352f
e6977ae787fcf9c99799fb70d29437af1a160c76bb79cc0a39abab98547c59eb
e7909570b779fbfad32140f51531d5556f1f14d18153c0776ed1e571f9495b60
e7ca23c932f9e4f39bb36188282dccdbc7985253318c858c03ad7387df7e1c60
e7e0b42b5c96a9f90275de9194b3dcd1cc31b13f62a26b2692069f1898b1e6b4
e82c1a7898d05fe7bd7bf73bed1ae473708e5ba6d91a74df4ce6dad4696dcd69
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8d4f98be15e150d917ac81bf374133cd6b8119f6e073a642d2169df07a64bd7
e8ed327ab6c327cae47c38bdb2efb5414ff1f3405ea1da3bca3cfcef891640a5
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9c32c03a580096ba5d22cf513262e2113fd92ecc9de9c2e13e6e29df65a5ab0
e9cea8579218a86c480046ead325e6eb6732703ba2e5e1c71167d8e5b140747d
e9d19a7beca7a47858434fe6010fd16dde093d7727e606485597973a697aa2b7
ea75fb39df594682cf1e4037e2e3dcfa0c3bfd928788e4d97a5afa7de90220a6
eabcc9748981077e9ff24a067112f56e07d07e272d65ea31e5c3eba1bc6decbf
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb91f6b6ad53658e45219d8163fdb35144c18242294a26469305fd4faac6c1d0
ec3013120366bcf6abaa46fb6efd035155af915f66b39d4c3038e168b4aa4e9c
ec5c99aa80b11be25a1046e387f72f72bca94be9ac3ff57f18583db7b91dd107
ec73b4427631cd680c75c31ca108f172bde68cbd173b2ac7bb81a814f3455bdf
ed12106fe484590d9481d48024e30d294b75b35e238fcf0d5dd3c59c22d8b4c4
ed18bc1b9a4257617b0a4f0f0a2e4714f5e4fc204390c06d56ebc1c50a00ad33
ed51a7d3bddecdd5fe911f8dfad389d1894394e1333cb652f1213113fa25e4a9
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
edbcd1542ddf12f60bca4cb783d5c80d1e4b01ab1dd2a31f3bd9cf5774ed6524
ede5ba0b35e51af2734737e1c0087a0be1ed3cba1250838441a51624d3290313
edfba05b50aad070a5a31aa5b3f3818b31423060f0376fc3c42eea394a13d4ed
ef044ab3234a07c9d87ac69e041d6efe4992dea0c1367dd3ac330f8b00cf2b92
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2beffffc73d2fbf1b2525a64f6bd82330b1366aaf2abed7dea8f6c3e2f421b
ef9d9f668ea392cd35222ee8646f199ea00d75c6b3d6bd8556d75dfb4b1431b2
efab8ac01e647a59c2d270e5b91f6c3206e1d0a84a591759f5f9cdf928a6b33a
efe1e7b15f88d62feac06c1937e1c209f3e3b2c3af373d2fa8d10110a6e86028
f00174244aafd9e0a4b5cb766508ad72720616f62cc24c3988815377a3b35384
f02ec6f3ed1c65307c993f3fadea6534e06589ee17f13d6a112168b0ae47cad2
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f050dd665b935a362dfaba1872588b13d4b1391f9f355252ad00a7d50097aee1
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f08400e1aef7432a2ba1bfd755193f59370ce42007b564162f17f99efed0998b
f095e815025c4c078a942e3314e6118425f8641b9e37330c24fb06544e74e801
f0e663610d94b6f5ab02126a1d22bf6e987463c722dc0c92ca67bdfd85095b66
f0ef56b6e451abaf3b8b9094e66469c37307efb0aec6b5735cf77e26eee061ca
f1524829dc01b3eaeb0faba5e6511c6ce9168d9f1c4668e178b0deac883db740
f15330d7f1ea99d421119be1a83268cee81b6a4e668bc90cfbab214ba67a0adb
f237279729ae7345c37af174d74f5c27f0e24713436e3b08f1e075fc28dd5f50
f265610ea9312f96db83689184e186fc7b0cd517717ff095e0b33d4c0bdc48a2
f2838178a12207a5cb78e8b8bb3355f41969603d24d64d6355c1161fa630cbd3
f2985f8e39270c409883a48f4a656e99d2bfd3aa8aa28d19583f36263d59a6d4
f2c78d36462be878665cabca12bd7988303bb7c94adcfdb8cd89c35acc3ee604
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f36d8e02503382092264c1682e3b8d3c8758f87e077bf3bd84f8cf0914239f01
f393ad0abf118d62ee74a158a8f1228ac4ee3406bf167763d0ab4ddf915d4bd1
f398e172a9b98aa3e73d972d990f5ae3d819d048be8d9e8636b12108c45535ea
f477371b4a58d7fc36343e56d3f11478ab8f0ddcf244b5e90c3391df69c36dc2
f4fed9a41867a59109581da07ec1e0af04f8d9469a21da66a6907a1b56a7f1c0
f5d5fad76fe84403d6b861f22034bf5dc785fdae33928670c932341e8dbe4cb7
f5d7102905ad096629451745d43050a6aab114a80ea27a9b458500b09cd006a5
f631fec40daaba78983792e7b88a2c07edfa2c90aae98bc1385b243c4e07a288
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f70979cd416422e7424e08403d35026e241a1dd2bf3c705d255acb200eae9d13
f841897bfa312ae67cb627afaf2bfe992fc91246cfa20e91abcd7b02ddcd40f2
f8a6a807c8d0ba729f942638a088bdffebd096a31bd218930f8221519baa930b
f8b8e23bfd5699e4dd79615cd60cb3f4d74128b6a68027fe83a20cb3087f4c13
f9a65f7d0654f1a89f101fc189fc5e7876b466ecc0b3daced8ccc63044a382cf
fb15a1f319ea98f09e081a5fd5816f1b91efc6392e39f40fb4bbcdb57c1dcf18
fc3fc4a973822fd76b4d11a520d5c0cc3ff880413636d272d8c315103b586780
fc5ad420c4d7364d102d2f7043847421d86aefd5b9844bb4b583ad12e25e72a4
fc7739fbb0e53c62017cf199604c9e8e77a0892aa9c47a33fb71e00141ae323f
fcc5ada8cc56a76efada75936c6a614116a2e339ac18c72322a4ccce8057c93d
fd07ce22026d06c7ed2eb1e4a0ed26b950954fe0acc8a2a85589ddf19cf3b511
fd41e599ae317daad4f95bddf6326bd7c660229ff13817c84551a9774395a7f8
fd5cf7d4cbeb21062cd313590d74dc1df48375abed732722c3126d7299507bb3
fdb7bd08fe7081bc6bfaef1b81b15d0a6aa645e1c2411be29e957e28c725ec30
fe13ca84e8dfde72b1eb2cd873e53a03423b06b0932e5870dfb368837db49730
fe6ff091003702c9fb1bc270130641e902d2699b7ceefee69da48175f287d7f8
fe8be1982582fe053637e240873926c172046c5eacb42a60aff01c88ed8ead81
feaa404ec0eb3142b2867b271a772f018cf2b23fccef10cb0e572fda23315715